-
Notifications
You must be signed in to change notification settings - Fork 161
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enhance Resource Constraints Validation Policy to Include InitContainers & EphermalContainers #1314
Enhance Resource Constraints Validation Policy to Include InitContainers & EphermalContainers #1314
Conversation
Signed-off-by: Nikhil Maheshwari <[email protected]>
Hi, @realshuting Please review & help with your approval. TIA |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What about ephemeralContainers
?
Signed-off-by: Nikhil Maheshwari <[email protected]>
PR Updated ✅ @realshuting |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
Is #951 relevant? |
My bad. I have updated the comment. |
Congratulations! 🎉Great job merging your first Pull Request here! How awesome! If you are new to this project, feel free to join our Slack community. |
@realshuting, @nikhilmaheshwari24: changes should not have been made here as these Markdown files are rendered from the contents of the policy library (kyverno/policies). We run a rendering program to then convert to Markdown. These changes will be wiped unless the corresponding policies in the library are updated. |
The changes made are also incorrect as without conditionals it will cause all Pods to fail if they don't have initContainers or ephemeralContainers. |
content/en/policies/best-practices/require-pod-requests-limits/require-pod-requests-limits.md
Show resolved
Hide resolved
Policy Path - https://github.com/kyverno/policies/blob/main/best-practices/require-pod-requests-limits/require-pod-requests-limits.yaml |
I'd just open the PR on kyverno/policies. We'll render policies for the website and pick up those changes. |
If you haven't raised the PR, let me do it, I want to contribute. |
I was not aware of that, thanks for pointing it out. @nikhilmaheshwari24 - let's open a PR in kyverno/policies with the revised policy, thanks. |
Signed-off-by: nikhilmaheshwari24 [email protected]
Related issue
kyverno/policies#951
Proposed Changes
This PR updates the existing Kyverno policy to validate CPU and memory resource requests and limits for both containers and initContainers within Pods. This enhancement ensures comprehensive resource management across all container types in a Kubernetes cluster.
Checklist