Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature Request: strict policies.yml parsing, disallow unknown keys #845

Open
fabriziosestito opened this issue Jul 25, 2024 · 1 comment
Open

Feature Request: strict policies.yml parsing, disallow unknown keys #845

fabriziosestito opened this issue Jul 25, 2024 · 1 comment
Labels
kind/tech-debt

Comments

@fabriziosestito
Copy link
Contributor

Is your feature request related to a problem?

The parsing of policies.yml is not strict enough.
This can be prone to errors.

For instance, at the time of writing, this configuration is valid:

psp-capabilities:
  url: registry://ghcr.io/kubewarden/policies/psp-capabilities:v0.1.7
  allowedToMutate: true
  policyModel: monitor # note: "policyModel" should be "policyMode" 
  settings:
  ...

However, as the policyMode key is not found, the policy will be configured in Protect mode.

Also, we could clean up the tests by using fixtures and/or merging tests together in one test with multiple cases of reading configurations.

Solution you'd like

No response

Alternatives you've considered

No response

Anything else?

No response
@flavio
Copy link
Member

flavio commented Aug 5, 2024

Keep in mind there's currently a serde bug that prevents that from being done. See 7316fc9

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/tech-debt
Projects
Kubewarden
Status: No status
Milestone
No milestone
Development

No branches or pull requests
2 participants
@flavio @fabriziosestito