Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

policyengine/PolicyDispatcher: allow to delete unprivileged policy #431

Merged
merged 3 commits into from
Mar 31, 2024
Merged

policyengine/PolicyDispatcher: allow to delete unprivileged policy #431

merged 3 commits into from
Mar 31, 2024

Conversation

kfirtoledo
Copy link
Collaborator

Add delete unprivileged policy function,
(Delete privileged policy is still missing -can be done by adding finalizer before deleting to the policies or separate access policy CRDS to privileged and non-privileged)

@kfirtoledo kfirtoledo requested review from elevran and zivnevo March 24, 2024 04:27
@kfirtoledo kfirtoledo mentioned this pull request Mar 24, 2024
Closed
elevran
elevran reviewed Mar 24, 2024
View reviewed changes
Copy link
Collaborator

@elevran elevran left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems like an intermediate step towards deleting policies, which still tries to maintain backward compatibility.
Is it really worthwhile, or should we move directly to full CRD instance (allowing duplicate names across namespaces, same name for privileged and normal in the same namespace, etc.)?
Am ok approving if the next iteration of the change is already in the works and you're just breaking up the larger change into smaller changesets.
Also, not the test failure...

pkg/controlplane/authz/manager.go Outdated Show resolved Hide resolved
pkg/policyengine/PolicyDispatcher.go Outdated Show resolved Hide resolved
pkg/policyengine/PolicyDispatcher.go Outdated Show resolved Hide resolved
@elevran
Copy link
Collaborator

elevran commented Mar 26, 2024

for now, we'll support a single level of policies

@pull-request-size pull-request-size bot added size/M and removed size/S labels Mar 26, 2024
@kfirtoledo kfirtoledo requested a review from orozery March 26, 2024 14:44
@pull-request-size pull-request-size bot added size/S and removed size/M labels Mar 31, 2024
@kfirtoledo kfirtoledo merged commit 9cb95d5 into clusterlink-net:main Mar 31, 2024
9 checks passed
@kfirtoledo kfirtoledo deleted the policy branch March 31, 2024 16:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@elevran elevran elevran approved these changes

@zivnevo zivnevo Awaiting requested review from zivnevo zivnevo is a code owner

@orozery orozery Awaiting requested review from orozery

Assignees
No one assigned
Labels
size/S
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kfirtoledo @elevran