Chip Zoller
Chip Zoller
There's only one `apply` command but different parameters. Start simple and don't use the `--cluster` flag. Take a sample policy and apply it to a resource. Then measure the output...
For those assigned, if you are no longer working on this issue then kindly unassign yourselves to indicate to other contributors it is available.
Still needs investigation. Will not be present in 1.12.
This should just be a CRD change so the field is defaulted to `Fail`.
@realshuting can you take this one?
If we can do it in `spec.applyRules` without the mutating webhook, can we not use the same method for `spec.failurePolicy` as well?
> > What does this command return? > > ``` > > kubectl auth can-i get secret --as system:serviceaccount:kyverno:kyverno-admission-controller > > ``` > > It returned a "no" if that...
Did the ClusterRoles and Roles get created for Kyverno upon installation? Seems like something is missing there.
Assuming Kyverno has been installed into a Namespace called `kyverno`, try: ```sh kubectl get clusterrole,role -n kyverno | grep kyverno ```
You're missing all these! ``` role.rbac.authorization.k8s.io/kyverno:admission-controller 2023-11-30T00:24:13Z role.rbac.authorization.k8s.io/kyverno:background-controller 2023-11-30T00:24:13Z role.rbac.authorization.k8s.io/kyverno:cleanup-controller 2023-11-30T00:24:13Z role.rbac.authorization.k8s.io/kyverno:reports-controller 2023-11-30T00:24:13Z ```