website icon indicating copy to clipboard operation
website copied to clipboard

Published 20 hours ago verified publisher icon kyverno

[Enhancement] clarify expectation around `schemaValidation` flag and `.spec.schemaValidation`

Open FrancoisPoinsot opened this issue 5 months ago • 2 comments

Description

As far as I understand schemaValidation doesn't serve a purpose anymore. Both as a command flag and as a the .spec. schemaValidation field in the a policy.

You can still find reference about that field in the documentation that hints it is a valid workaround for solving problems related to missing CRD. Example: https://kyverno.io/docs/writing-policies/tips/#validate.

And this workaround makes sense. As you might expect kyverno validation to be dynamically typed. I certainly did.

This issue is a follow up to that thread: https://kubernetes.slack.com/archives/CLGR9BJU9/p1719931376972489 In there you can find the statement "That's correct, a CRD is always required.". I think this is a very clear statement that I wish would be directly available in the documentation.

recommendation:

  • state clearly in the documentation that CRD is always required
  • cleanup references to schemaValidation that are not about deprecation.

Slack discussion

https://kubernetes.slack.com/archives/CLGR9BJU9/p1719931376972489

FrancoisPoinsot avatar Sep 13 '24 11:09 FrancoisPoinsot