1
0
Fork 0
mirror of https://github.com/kyverno/policy-reporter.git synced 2024-12-14 11:57:32 +00:00

Configuration Improvements

This commit is contained in:
Frank Jogeleit 2021-02-20 19:20:34 +01:00
parent 8cf6013905
commit 98fc143065
5 changed files with 20 additions and 24 deletions

View file

@ -21,14 +21,19 @@ You can also customize the `./charts/policy-reporter/values.yaml` to change the
### Configure policyPriorities ### Configure policyPriorities
By default kyverno PolicyReports has no priority or severity for policies. So every passed rule validation will be processed as notice, a failed validation is processed as error. To customize this you can configure a mapping from policies to fail priorities. So you can send them as warnings instead of errors. By default kyverno PolicyReports has no priority or severity for policies. So every passed rule validation will be processed as notice, a failed validation is processed as error. To customize this you can configure a mapping from policies to fail priorities. So you can send them as warnings instead of errors. To configure the priorities create a ConfigMap in the `policy-reporter` namespace with the name `policy-reporter-config`. This ConfigMap have to have a property `config.yaml` with the map as YAML content. See the Example for Detailes.
#### Example
```yaml ```yaml
# values.yaml # config.yaml
# policyPriorities example diff policy_priorities:
check-label-app: warning
require-ns-labels: warning
```
policyPriorities: ```bash
check-label-app: warning kubectl create configmap policy-reporter-config --from-file=config.yaml -n policy-reporter
``` ```
## Example Outputs ## Example Outputs

View file

@ -1,14 +0,0 @@
apiVersion: v1
data:
config.yaml: |-
loki:
host: {{ .Values.loki.host }}
{{- with .Values.policyPriorities }}
policy_priorities:
{{- toYaml . | nindent 6 }}
{{- end }}
kind: ConfigMap
metadata:
name: {{ include "policyreporter.fullname" . }}-config
namespace: policy-reporter

View file

@ -43,7 +43,11 @@ spec:
- name: config-volume - name: config-volume
mountPath: /app/config.yaml mountPath: /app/config.yaml
subPath: config.yaml subPath: config.yaml
env:
- name: LOKI_HOST
value: {{ .Values.loki.host | quote }}
volumes: volumes:
- name: config-volume - name: config-volume
configMap: configMap:
name: {{ include "policyreporter.fullname" . }}-config name: policy-reporter-config
optional: true

View file

@ -2,7 +2,7 @@ loki:
host: http://loki.loki-stack.svc.cluster.local:3100 host: http://loki.loki-stack.svc.cluster.local:3100
image: image:
repository: fjogeleit/policy-reporter repository: fjogeleit/policy-reporter
pullPolicy: IfNotPresent pullPolicy: Always
tag: 0.1.0 tag: 0.1.0
imagePullSecrets: [] imagePullSecrets: []
service: service:
@ -15,5 +15,3 @@ resources:
limits: limits:
memory: 100Mi memory: 100Mi
cpu: 50m cpu: 50m
policyPriorities: []

View file

@ -4,6 +4,7 @@ import (
"flag" "flag"
"log" "log"
"net/http" "net/http"
"strings"
"github.com/fjogeleit/policy-reporter/pkg/config" "github.com/fjogeleit/policy-reporter/pkg/config"
"github.com/fjogeleit/policy-reporter/pkg/report" "github.com/fjogeleit/policy-reporter/pkg/report"
@ -80,6 +81,8 @@ func NewCLI() *cobra.Command {
func LoadConfig(cmd *cobra.Command) (*config.Config, error) { func LoadConfig(cmd *cobra.Command) (*config.Config, error) {
v := viper.New() v := viper.New()
v.SetEnvKeyReplacer(strings.NewReplacer(".", "_"))
cfgFile := "" cfgFile := ""
configFlag := cmd.Flags().Lookup("config") configFlag := cmd.Flags().Lookup("config")