policy-server icon indicating copy to clipboard operation
policy-server copied to clipboard
verified publisher icon kubewarden

Allow policies to pull information from the Kubernetes cluster

Open ereslibre opened this issue 4 years ago • 1 comments

Allow guest policies to pull information from the Kubernetes cluster. This information can be a list of well-known type of resources and could be cached by the policy server, served from the cache to the guest policy. This allows a guest policy to take more complex decisions, based on the current status of the cluster.

For example, if a resource is namespaced, we can add a way to retrieve the namespace it belongs to, so the policy can read the annotations and labels.

In general, we could allow the policy to read arbitrary information (a fixed list of well known resources).

ereslibre avatar Feb 04 '21 23:02 ereslibre

Also, this would allow to have policies like the following one from OPA: https://www.openpolicyagent.org/docs/latest/kubernetes-tutorial/

flavio avatar Feb 05 '21 09:02 flavio

This is done as part of Kubewarden 1.6.0

flavio avatar Jun 27 '23 13:06 flavio