From ec23f08adb80e55f9e9d92cd7b5b34bb9ee4c7a2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jos=C3=A9=20Guilherme=20Vanz?=
Date: Thu, 6 Jul 2023 14:24:21 -0300
Subject: [PATCH] feat: background audit config, severity and category annotations.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Updates policy metadata.yml file adding the new configuration to enabled background audit checks and adds two new annotations used by the audit scanner in its reports.

Signed-off-by: José Guilherme Vanz
---
 metadata.yml | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git a/metadata.yml b/metadata.yml
index 3e3d7c9..60399e9 100644
--- a/metadata.yml
+++ b/metadata.yml
@@ -1,8 +1,12 @@
 rules:
-- apiGroups: [""]
- apiVersions: ["v1"]
- resources: ["pods"]
- operations: ["CREATE"]
+ - apiGroups:
+ - ''
+ apiVersions:
+ - v1
+ resources:
+ - pods
+ operations:
+ - CREATE
 mutating: false
 contextAware: false
 annotations:
@@ -10,11 +14,14 @@ annotations:
 io.artifacthub.displayName: Sysctl PSP
 io.artifacthub.resources: Pod
 io.artifacthub.keywords: sysctl, psp, pod
+ # kubewarden specific
 io.kubewarden.policy.ociUrl: ghcr.io/kubewarden/policies/sysctl-psp
- # kubewarden specific:
 io.kubewarden.policy.title: sysctl-psp
- io.kubewarden.policy.description: A Pod Security Policy that controls usage of sysctls in pods
+ io.kubewarden.policy.description: A Pod Security Policy that controls usage of sysctls
+ in pods
 io.kubewarden.policy.author: Kubewarden developers
 io.kubewarden.policy.url: https://github.com/kubewarden/sysctl-psp-policy
 io.kubewarden.policy.source: https://github.com/kubewarden/sysctl-psp-policy
 io.kubewarden.policy.license: Apache-2.0
+ io.kubewarden.policy.category: PSP
+ io.kubewarden.policy.severity: medium
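Review bot: No background-audit key is added between `contextAware: false` and `annotations:` in the first hunk, although the commit description says the change adds the configuration that enables background audit checks. The hunk's line counts (8 old, 12 new) are fully used up by the `rules` reformatting, so nothing is hidden. If the policy is meant to be picked up by the audit scanner, say so explicitly with `backgroundAudit: true` after `contextAware: false` instead of relying on a tooling default, which this page does not show. Without the explicit key, a reader of metadata.yml cannot tell whether already-running Pods with disallowed sysctls will be reported or only new ones rejected at admission.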
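Review bot: The new `io.kubewarden.policy.category: PSP` and `io.kubewarden.policy.severity: medium` annotations at the end of the second hunk have no comment saying who reads them or which values are accepted. The commit description says the audit scanner uses them in its reports, so they presumably influence how findings are triaged. A one-line comment above them, such as `# consumed by the audit scanner when building its reports`, plus a pointer to where the allowed severity levels are defined, would let a maintainer judge whether `medium` fits a policy that gates sysctls. Separately, the description value is now wrapped as a multi-line plain scalar (`... usage of sysctls` / `in pods`). It folds back to one line, but a `>-` block scalar or a single quoted line would state that intent without depending on continuation indent.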