policy-controller icon indicating copy to clipboard operation
policy-controller copied to clipboard

Published 20 hours ago verified publisher icon sigstore

Add annotations to objects admitted by policy-controller

Open jkjell opened this issue 2 years ago • 5 comments

Description

It would be awesome to see the results of policy-controller admissions recorded on affected objects.

There's a great example from Tekton Chains where they record helpful metadata:

kubectl get tr [TASKRUN_NAME] -o json | jq -r .metadata.annotations

{
  "chains.tekton.dev/signed": "true",
  ...
}

The things that seem most useful to me from the policy-controller side would be an annotation referencing the admitting or denying policy, the status, and ideally, enough details to understand the reasoning behind the policy decision.

jkjell avatar Feb 23 '23 08:02 jkjell

I can take care of this one. What is our timeline for v1?

elfotografo007 avatar Mar 06 '23 14:03 elfotografo007

@elfotografo007 We don't have a defined timeline yet.

hectorj2f avatar Mar 06 '23 15:03 hectorj2f

Feel free to assign it to yourself whenever you start working on this.

hectorj2f avatar Mar 06 '23 15:03 hectorj2f

I don't have the right to assign it to me. Can you assign it?

elfotografo007 avatar Mar 14 '23 14:03 elfotografo007

@elfotografo007 Done 👍!

hectorj2f avatar Mar 14 '23 14:03 hectorj2f