1
0
Fork 0
mirror of https://github.com/kyverno/policy-reporter.git synced 2024-12-14 11:57:32 +00:00
Monitoring and Observability Tool for the PolicyReport CRD with an optional UI.
Find a file
Frank Jogeleit b8a658463a update static manifests
Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de>
2024-09-30 14:59:16 +02:00
.github install required go version in workflow 2024-04-18 13:28:42 +02:00
charts/policy-reporter prepare release 2.24.2 (#481) 2024-09-30 14:54:28 +02:00
cmd fix HA mode without leaderelection 2024-09-28 12:23:37 +02:00
docs/images Monitoring improvements (#23) 2021-04-10 11:16:46 +02:00
manifest update static manifests 2024-09-30 14:59:16 +02:00
pkg fix tags 2024-09-28 12:25:07 +02:00
templates API to render Violations Report (#429) 2024-05-04 10:04:27 +02:00
.dockerignore Internal Rewrite (#91) 2021-12-13 16:02:40 +01:00
.gitignore API to render Violations Report (#429) 2024-05-04 10:04:27 +02:00
CHANGELOG.md prepare release 2.24.2 (#481) 2024-09-30 14:54:28 +02:00
CODE_OF_CONDUCT.md Add COC and Contribution docs 2022-08-29 21:31:45 +02:00
CONTRIBUTING.md Add COC and Contribution docs 2022-08-29 21:31:45 +02:00
Dockerfile support custom headers for loki target (#422) 2024-04-18 10:02:37 +02:00
go.mod bump AWS SDK Go v2 dependencies (#451) 2024-06-12 18:27:02 +02:00
go.sum bump AWS SDK Go v2 dependencies (#451) 2024-06-12 18:27:02 +02:00
LICENSE.md init 2021-02-20 00:58:01 +01:00
main.go External SQL DB support (#304) 2023-05-02 11:00:14 +02:00
Makefile prepare release v24.0.1 2024-07-19 07:51:57 +02:00
README.md updated README to include up to date list of targets (#396) 2024-01-23 16:24:45 +01:00

Policy Reporter

CI Go Report Card Coverage Status

Motivation

Kyverno ships with two types of validation. You can either enforce a rule or audit it. If you don't want to block developers or if you want to try out a new rule, you can use the audit functionality. The audit configuration creates PolicyReports which you can access with kubectl. Because I can't find a simple solution to get a general overview of this PolicyReports and PolicyReportResults, I created this tool to send information about PolicyReports to different targets like Grafana Loki, Elasticsearch or Slack.

Policy Reporter provides also a Prometheus Metrics API as well as an standalone mode along with the Policy Reporter UI.

This project is in an early stage. Please let me know if anything did not work as expected or if you want to send your audits to unsupported targets.

Documentation

You can find detailed Information and Screens about Features and Configurations in the Documentation.

Getting Started

Installation with Helm v3

Installation via Helm Repository

Add the Helm repository

helm repo add policy-reporter https://kyverno.github.io/policy-reporter
helm repo update

Basic Installation

The basic installation provides optional Prometheus Metrics and/or optional REST APIs, for more details have a look at the Documentation.

helm install policy-reporter policy-reporter/policy-reporter -n policy-reporter --set metrics.enabled=true --set rest.enabled=true --create-namespace

Installation without Helm or Kustomize

To install Policy Reporter without Helm or Kustomize have a look at manifests.

Policy Reporter UI

You can use the Policy Reporter as standalone Application along with the optional UI SubChart.

Installation with Policy Reporter UI and Kyverno Plugin enabled

helm install policy-reporter policy-reporter/policy-reporter --set kyvernoPlugin.enabled=true --set ui.enabled=true --set ui.plugins.kyverno=true -n policy-reporter --create-namespace
kubectl port-forward service/policy-reporter-ui 8082:8080 -n policy-reporter

Open http://localhost:8082/ in your browser.

Check the Documentation for Screens and additional Information

Targets

Policy Reporter supports the following Targets to send new (Cluster)PolicyReport Results too:

Monitoring

The Helm Chart includes optional SubChart for Prometheus Operator Integration. The provided Dashboards working without Loki and are only based on the Prometheus Metrics.

Have a look into the Documentation for details.

Grafana Dashboard Import

If you are not using the MonitoringStack you can import the dashboards from Grafana

Resources