mirrors/policy-reporter
1
0
Fork 0
mirror of https://github.com/kyverno/policy-reporter.git synced 2024-12-14 11:57:32 +00:00
Code Activity

Configuration Improvements

Browse source
This commit is contained in:
Frank Jogeleit 2021-02-20 19:20:34 +01:00
parent 8cf6013905
commit 98fc143065
5 changed files with 20 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
README.md
View file

@ -21,14 +21,19 @@ You can also customize the `./charts/policy-reporter/values.yaml` to change the
### Configure policyPriorities ### Configure policyPriorities
By default kyverno PolicyReports has no priority or severity for policies. So every passed rule validation will be processed as notice, a failed validation is processed as error. To customize this you can configure a mapping from policies to fail priorities. So you can send them as warnings instead of errors. By default kyverno PolicyReports has no priority or severity for policies. So every passed rule validation will be processed as notice, a failed validation is processed as error. To customize this you can configure a mapping from policies to fail priorities. So you can send them as warnings instead of errors. To configure the priorities create a ConfigMap in the `policy-reporter` namespace with the name `policy-reporter-config`. This ConfigMap have to have a property `config.yaml` with the map as YAML content. See the Example for Detailes.
#### Example
```yaml ```yaml
# values.yaml # config.yaml
# policyPriorities example diff policy_priorities:
check-label-app: warning
require-ns-labels: warning
```
policyPriorities: ```bash
check-label-app: warning kubectl create configmap policy-reporter-config --from-file=config.yaml -n policy-reporter
``` ```
## Example Outputs ## Example Outputs

14
charts/policy-reporter/templates/configmap.yaml
View file

@ -1,14 +0,0 @@
apiVersion: v1
data:
config.yaml: |-
loki:
host: {{ .Values.loki.host }}
{{- with .Values.policyPriorities }}
policy_priorities:
{{- toYaml . | nindent 6 }}
{{- end }}
kind: ConfigMap
metadata:
name: {{ include "policyreporter.fullname" . }}-config
namespace: policy-reporter

6
charts/policy-reporter/templates/deployment.yaml
View file

@ -43,7 +43,11 @@ spec:
- name: config-volume - name: config-volume
mountPath: /app/config.yaml mountPath: /app/config.yaml
subPath: config.yaml subPath: config.yaml
env:
- name: LOKI_HOST
value: {{ .Values.loki.host | quote }}
volumes: volumes:
- name: config-volume - name: config-volume
configMap: configMap:
name: {{ include "policyreporter.fullname" . }}-config name: policy-reporter-config
optional: true

6
charts/policy-reporter/values.yaml
View file

@ -2,7 +2,7 @@ loki:
host: http://loki.loki-stack.svc.cluster.local:3100 host: http://loki.loki-stack.svc.cluster.local:3100
image: image:
repository: fjogeleit/policy-reporter repository: fjogeleit/policy-reporter
pullPolicy: IfNotPresent pullPolicy: Always
tag: 0.1.0 tag: 0.1.0
imagePullSecrets: [] imagePullSecrets: []
service: service:
@ -14,6 +14,4 @@ resources:
cpu: 10m cpu: 10m
limits: limits:
memory: 100Mi memory: 100Mi
cpu: 50m cpu: 50m
policyPriorities: []

3
cmd/root.go
View file

@ -4,6 +4,7 @@ import (
"flag" "flag"
"log" "log"
"net/http" "net/http"
"strings"
"github.com/fjogeleit/policy-reporter/pkg/config" "github.com/fjogeleit/policy-reporter/pkg/config"
"github.com/fjogeleit/policy-reporter/pkg/report" "github.com/fjogeleit/policy-reporter/pkg/report"
@ -80,6 +81,8 @@ func NewCLI() *cobra.Command {
func LoadConfig(cmd *cobra.Command) (*config.Config, error) { func LoadConfig(cmd *cobra.Command) (*config.Config, error) {
v := viper.New() v := viper.New()
v.SetEnvKeyReplacer(strings.NewReplacer(".", "_"))
cfgFile := "" cfgFile := ""
configFlag := cmd.Flags().Lookup("config") configFlag := cmd.Flags().Lookup("config")