fix https://github.com/kyverno/kyverno/issues/1324

cmd/kyverno/main.go

@@ -111,14 +111,12 @@ func main() {
 		os.Exit(1)
 	}
 
-	// ======================= resource cache ====================
 	rCache, err := resourcecache.NewResourceCache(log.Log, clientConfig, client, []string{"configmaps"}, []string{})
 	if err != nil {
-		setupLog.Error(err, "Failed to create resource cache")
+		setupLog.Error(err, "ConfigMap lookup disabled: failed to create resource cache")
-		os.Exit(1)
+	} else {
+		rCache.RunAllInformers(log.Log)
 	}
-	rCache.RunAllInformers(log.Log)
-	// ===========================================================
 
 	// CRD CHECK
 	// - verify if Kyverno CRDs are available

pkg/policy/apply.go

@@ -54,6 +54,7 @@ func applyPolicy(policy kyverno.ClusterPolicy, resource unstructured.Unstructure
 	//TODO: GENERATION
 	return engineResponses
 }
+
 func mutation(policy kyverno.ClusterPolicy, resource unstructured.Unstructured, ctx context.EvalInterface, log logr.Logger, resCache resourcecache.ResourceCacheIface, jsonContext *context.Context) (response.EngineResponse, error) {
 
 	engineResponse := engine.Mutate(engine.PolicyContext{Policy: policy, NewResource: resource, Context: ctx, ResourceCache: resCache, JSONContext: jsonContext})

pkg/resourcecache/main.go

@@ -1,8 +1,6 @@
 package resourcecache
 
 import (
-	// "fmt"
-	// "time"
 	"github.com/go-logr/logr"
 	dclient "github.com/kyverno/kyverno/pkg/dclient"
 	"k8s.io/apimachinery/pkg/runtime/schema"
@@ -47,19 +45,40 @@ func NewResourceCache(log logr.Logger, config *rest.Config, dclient *dclient.Cli
 
 	resCache := &ResourceCache{GVRCacheData: cacheData, dinformer: dInformer, match: match, exclude: exclude}
 
-	err := udateGVRCache(logger, resCache, discoveryIface)
+	if resCache.matchGVRKey("configmaps") {
-	if err != nil {
+		_, ok := resCache.GVRCacheData["configmaps"]
-		logger.Error(err, "error in udateGVRCache function")
+		if !ok {
-		return nil, err
+			updateGVRCacheForConfigMap(resCache)
+		}
+	} else {
+		err := udateGVRCache(logger, resCache, discoveryIface)
+		if err != nil {
+			logger.Error(err, "error in udateGVRCache function")
+			return nil, err
+		}
 	}
+
 	return resCache, nil
 }
 
+func updateGVRCacheForConfigMap(resc *ResourceCache) {
+	gvrc := &GVRCache{
+		GVR: schema.GroupVersionResource{
+			Version:  "v1",
+			Resource: "configmaps",
+		},
+		Namespaced: true,
+	}
+
+	resc.GVRCacheData["configmaps"] = gvrc
+}
+
 func udateGVRCache(log logr.Logger, resc *ResourceCache, discoveryIface discovery.CachedDiscoveryInterface) error {
 	serverResources, err := discoveryIface.ServerPreferredResources()
 	if err != nil {
 		return err
 	}
+
 	for _, serverResource := range serverResources {
 		groupVersion := serverResource.GroupVersion
 		for _, resource := range serverResource.APIResources {
@@ -82,5 +101,6 @@ func udateGVRCache(log logr.Logger, resc *ResourceCache, discoveryIface discover
 			}
 		}
 	}
+
 	return nil
 }