-
Notifications
You must be signed in to change notification settings - Fork 79
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
General question about persistance in Policy Reporter #473
Comments
Hey, in general you don't need additional persistence. The Logs page is an simple in memory notification target, to show case the notification feature. Notifications are only send for new results, after a restarted the already existing targets are skipped, to not spam the targets with duplicates. But the internal Database and Views are recover from the (Cluster)PolicyReports in your cluster after a restart. The PolicyReport view should show the some results as before. If you want a persistent Logs view, you can configure a Redis cache for it but I would recommend to use metrics or another target for timeseries information like Loki or Elasticsearch. For the other UI pages additional persistence is not required. |
Hello @fjogeleit! Thanks for reply. |
You need to enable the kyverno plugin for this. Because Kyverno does not create policy reports for blocked resources by default. In the slack notification config you can set the source filter to only send |
Thanks @fjogeleit , it`s working! |
Alle notification targets have a target:
slack:
minimumPriority: "warning"
skipExistingOnStartup: true
customFields:
cluster: dev-1 |
@fjogeleit is it possible to show correct time in the Policy Reporter UI? Since in every event I see something like on screenshot. |
I will take a look |
I created a new plugin version, you can set it in your values.yaml at this path: It should fix the time for new created entries. |
Hello, Community.
I am totally new to policy-reporter, so because of that I am wondering whether some Persistance is needed for Policy-reporter to save it`s data after reboot?
I am curious about that since I tried to deploy some pod that violate my policy "disallow-latest-tag". Later in "Logs" tab into "Policy-Reporter UI" I found entry about violation. But after reboot of deployments of policy reporter and policy reporter ui, this log entry disappeared.
Maybe logs entries is not so important but another stuff like (Cluster) Policy Reports is important.
So my question: Is it possible and is it needed to add some persistence(persistent volumes) to policy-reporter/ui, for saving some important data like (Cluster) Policy Reports, after reboot/fail/disruption.
Thanks in advance!
The text was updated successfully, but these errors were encountered: