Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove the notion of "Enforcement Action" from the engine interface #298

Open
maxsmythe opened this issue Feb 27, 2023 · 2 comments
Open

Remove the notion of "Enforcement Action" from the engine interface #298

maxsmythe opened this issue Feb 27, 2023 · 2 comments

Comments

@maxsmythe
Copy link
Contributor

Currently, Engine is responsible for returning an enforcement action. This was originally intended to allow for the possibility of dynamic enforcement actions, but that would be incompatible with the capabilities of the CEL KEP. As such, it should be removed.

frameworks/constraint/pkg/client/drivers/to_result.go

Lines 82 to 90 in 9f70a3e

enforcementAction, found, err := unstructured.NestedString(constraint.Object, "spec", "enforcementAction")
if err != nil {
return nil, err
}
if !found {
enforcementAction = apiconstraints.EnforcementActionDeny
}
result.EnforcementAction = enforcementAction

@maxsmythe maxsmythe mentioned this issue Feb 27, 2023
Merged
@ritazh
Copy link
Member

ritazh commented Mar 4, 2023

What kind of impact/issue does removing "Enforcement Action" present? Will there be any backward compatibility issues?

@maxsmythe
Copy link
Contributor Author

No user-facing backwards compatibility issues... we never piped this through to users. Anyone who has written a driver may be affected, but I'm not aware of anyone whose done that (and that part of the CF is alpha).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ritazh @maxsmythe