mirror of
https://github.com/kyverno/policy-reporter.git
synced 2024-12-14 11:57:32 +00:00
Configuration Improvements
This commit is contained in:
parent
8cf6013905
commit
98fc143065
5 changed files with 20 additions and 24 deletions
15
README.md
15
README.md
|
@ -21,14 +21,19 @@ You can also customize the `./charts/policy-reporter/values.yaml` to change the
|
||||||
|
|
||||||
### Configure policyPriorities
|
### Configure policyPriorities
|
||||||
|
|
||||||
By default kyverno PolicyReports has no priority or severity for policies. So every passed rule validation will be processed as notice, a failed validation is processed as error. To customize this you can configure a mapping from policies to fail priorities. So you can send them as warnings instead of errors.
|
By default kyverno PolicyReports has no priority or severity for policies. So every passed rule validation will be processed as notice, a failed validation is processed as error. To customize this you can configure a mapping from policies to fail priorities. So you can send them as warnings instead of errors. To configure the priorities create a ConfigMap in the `policy-reporter` namespace with the name `policy-reporter-config`. This ConfigMap have to have a property `config.yaml` with the map as YAML content. See the Example for Detailes.
|
||||||
|
|
||||||
|
#### Example
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
# values.yaml
|
# config.yaml
|
||||||
# policyPriorities example diff
|
policy_priorities:
|
||||||
|
check-label-app: warning
|
||||||
|
require-ns-labels: warning
|
||||||
|
```
|
||||||
|
|
||||||
policyPriorities:
|
```bash
|
||||||
check-label-app: warning
|
kubectl create configmap policy-reporter-config --from-file=config.yaml -n policy-reporter
|
||||||
```
|
```
|
||||||
|
|
||||||
## Example Outputs
|
## Example Outputs
|
||||||
|
|
|
@ -1,14 +0,0 @@
|
||||||
apiVersion: v1
|
|
||||||
data:
|
|
||||||
config.yaml: |-
|
|
||||||
loki:
|
|
||||||
host: {{ .Values.loki.host }}
|
|
||||||
|
|
||||||
{{- with .Values.policyPriorities }}
|
|
||||||
policy_priorities:
|
|
||||||
{{- toYaml . | nindent 6 }}
|
|
||||||
{{- end }}
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
name: {{ include "policyreporter.fullname" . }}-config
|
|
||||||
namespace: policy-reporter
|
|
|
@ -43,7 +43,11 @@ spec:
|
||||||
- name: config-volume
|
- name: config-volume
|
||||||
mountPath: /app/config.yaml
|
mountPath: /app/config.yaml
|
||||||
subPath: config.yaml
|
subPath: config.yaml
|
||||||
|
env:
|
||||||
|
- name: LOKI_HOST
|
||||||
|
value: {{ .Values.loki.host | quote }}
|
||||||
volumes:
|
volumes:
|
||||||
- name: config-volume
|
- name: config-volume
|
||||||
configMap:
|
configMap:
|
||||||
name: {{ include "policyreporter.fullname" . }}-config
|
name: policy-reporter-config
|
||||||
|
optional: true
|
|
@ -2,7 +2,7 @@ loki:
|
||||||
host: http://loki.loki-stack.svc.cluster.local:3100
|
host: http://loki.loki-stack.svc.cluster.local:3100
|
||||||
image:
|
image:
|
||||||
repository: fjogeleit/policy-reporter
|
repository: fjogeleit/policy-reporter
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: Always
|
||||||
tag: 0.1.0
|
tag: 0.1.0
|
||||||
imagePullSecrets: []
|
imagePullSecrets: []
|
||||||
service:
|
service:
|
||||||
|
@ -15,5 +15,3 @@ resources:
|
||||||
limits:
|
limits:
|
||||||
memory: 100Mi
|
memory: 100Mi
|
||||||
cpu: 50m
|
cpu: 50m
|
||||||
|
|
||||||
policyPriorities: []
|
|
|
@ -4,6 +4,7 @@ import (
|
||||||
"flag"
|
"flag"
|
||||||
"log"
|
"log"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"strings"
|
||||||
|
|
||||||
"github.com/fjogeleit/policy-reporter/pkg/config"
|
"github.com/fjogeleit/policy-reporter/pkg/config"
|
||||||
"github.com/fjogeleit/policy-reporter/pkg/report"
|
"github.com/fjogeleit/policy-reporter/pkg/report"
|
||||||
|
@ -80,6 +81,8 @@ func NewCLI() *cobra.Command {
|
||||||
|
|
||||||
func LoadConfig(cmd *cobra.Command) (*config.Config, error) {
|
func LoadConfig(cmd *cobra.Command) (*config.Config, error) {
|
||||||
v := viper.New()
|
v := viper.New()
|
||||||
|
v.SetEnvKeyReplacer(strings.NewReplacer(".", "_"))
|
||||||
|
|
||||||
cfgFile := ""
|
cfgFile := ""
|
||||||
|
|
||||||
configFlag := cmd.Flags().Lookup("config")
|
configFlag := cmd.Flags().Lookup("config")
|
||||||
|
|
Loading…
Reference in a new issue