Flavio Castelli
Flavio Castelli
Currently the release process of the controller is somehow complicated. These are currently some of the pain point of the release process: * Creating the changelong is painful. The `make`...
### Is there an existing issue for this? - [X] I have searched the existing issues ### Current Behavior Apparently it's possible to create either a `ClusterAdmissionPolicy` or an `AdmissionPolicy`...
These are the policies that require access to the image scanner service of NV: * [ ] CVE names * [ ] CVE score * [ ] count of high...
## UNLICENSED_DEPENDENCY - github.com/chzyer/logex (v1.1.10) [View issue on FOSSA](https://app.fossa.com/projects/custom%2B25850%2Fgithub.com%2Fkubewarden%2Fkubewarden-controller/refs/branch/main/b689790aad9413b44672b2fa5b9311e9a837209d/issues/licensing/1922379?filter=unlicensed_dependency&revScanId=29850560&status=any) ### Component URL https://proxy.golang.org/github.com/chzyer/logex/@v/v1.1.10.zip ### Affected Projects - https://github.com/kubewarden/kubewarden-controller - rancher/rancher ### Issue This dependency hasn't specified a license. You may...
Right now the controller creates a CA and, with this CA, creates the PEM certificate used by the policy-server. The Kubernetes API server relies on this CA to verify the...
Running container images with a read-only filesystem is considered a good security practice. I think we can achieve that both for policy-server and for kubewarden-controller. For policy-server we will need...
The Rancher manifest allows charts to ask [questions](https://rancher.com/docs/rancher/v2.x/en/helm-charts/legacy-catalogs/creating-apps/#questions-yml) to the users, which is a really convenient way to provide chart values. Right now our manifest doesn't ask any question. ##...
This is related with https://github.com/kubewarden/kubewarden-controller/issues/42 We need to offer the following scenarios via our helm chart: 1. User has already a Kubernetes Secret that contains the docker configuration file that...
### Is there an existing issue for this? - [X] I have searched the existing issues ### Current Behavior Currently the e2e test are downloading official policies. This alters the...
Right now `kwctl` reuses the docker credentials to be able to pull and push to OCI registries. However, what if the user doesn't have the credentials for a certain registry?...