doc(KDP): add policy status KDP #64
Conversation
KhaledEmaraDev
force-pushed
the
policy-status
branch
from
3edfd74 to
a00a3e2
Compare
Signed-off-by: Khaled Emara <[email protected]>
KhaledEmaraDev
force-pushed
the
policy-status
branch
from
a00a3e2 to
f3d49ac
Compare
| - `CachePresence`: Indicates whether the policy has been successfully loaded into Kyverno's internal cache. | ||
| - `RBACPermissions`: Indicates whether Kyverno has the necessary RBAC permissions to enforce the policy. | ||
|
|
||
| Each condition will have a status of `True` or `False`. If a condition's type is `NotReady` and the status is `False`, the policy will fail to apply unless explicitly configured otherwise through `validationFailureActionOverrides`. A condition may not be present if it's not relevant to the policy. |
There was a problem hiding this comment.
If a condition's type is
NotReadyand
What is this referring to....is there a type?
There was a problem hiding this comment.
Good catch. This is a typo. The types are what we defined above.
|
|
||
| # Proposal | ||
|
|
||
| [proposal]: #proposal |
There was a problem hiding this comment.
I recommend we keep the status field with values Ready and NotReady as a summary state. We can set status: Ready when all conditions pass.
There was a problem hiding this comment.
So, first I think it's deprecated. I will try to get a reference to this. Second, for future proofing I was thinking that different components might interpret conditions differently. So for instance, the background controller might not care about a policy being configured in the webhook or not. Ready here should be false for Admission but true for Background.
I think it's better if we leave each component to interpret the readiness on its own. But, I'm also fine with this.
Co-authored-by: Jim Bugwadia <[email protected]> Signed-off-by: shuting <[email protected]>
Co-authored-by: Jim Bugwadia <[email protected]> Signed-off-by: shuting <[email protected]>
No description provided.