Chip Zoller
Chip Zoller
### Problem Statement In policy reports today, when the offending resource is deleted, the corresponding entry/entries are expunged. This means that a policy report is only accurate in real time....
### Problem Statement Today in Kyverno, the audit mode only applies to policies having validate rules. While this is nice in that it allows a report to be generated showing...
### Kyverno Version 1.7.3 ### Kubernetes Version 1.23.x ### Kubernetes Platform K3d ### Kyverno Rule Type Other ### Description Using this command to install Kyverno: `helm install kyverno kyverno/kyverno -n...
### Kyverno Version 1.8.0 ### Description Installing the kyverno-poilcies chart on Kyverno 1.8.0-rc1 throws `Invalid Semantic Version` ``` Error: INSTALLATION FAILED: template: kyverno-policies/templates/baseline/disallow-capabilities.yaml:3:4: executing "kyverno-policies/templates/baseline/disallow-capabilities.yaml" at : error calling include:...
### Problem Statement As of August 2022 and Kubernetes 1.25, there has been a [slight modification to the Pod Security Standards guidance](https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted-pod-security-standard-changes). Pods scheduled to Windows nodes do not need...
As of 1.25, in a Pod the `spec.os` is now enforced and obeyed whereas previously it was null. See blog [here](https://kubernetes.io/blog/2022/08/25/pod-security-admission-stable/#changes-to-the-pod-security-standards). Need to update PSS policies so for the three...
**Description** Since Cosign 1.10.1, the ability to perform a `cosign verify-attestation` on a keyless-signed image containing attestations of multiple predicate types returns `main.go:62: error during command execution: none of the...
**Is your feature request related to a problem? Please describe.** The environment variable `CLOUD_PROVIDER_API_KEY` is present by default in [several manifests](https://github.com/search?q=repo%3Aopencost%2Fopencost%20CLOUD_PROVIDER_API_KEY&type=code) with a hard-coded value. This is to increase user...
There is an undocumented value discovered [here](https://github.com/redhat-cop/namespace-configuration-operator/blob/4c806ab8939afa098cb9256840db612f4328de0a/config/helmchart/templates/certificate.yaml#L1) called `enableCertManager` which must be set to `true`, at least when installing NCO outside of an OpenShift environment, as well as a prerequisite...
**What would you like to be added**: `kuttl` should support test directory recursion rather than having to explicitly specify every parent directory in a TestSuite file. **Why is this needed**:...