UNCLASSIFIED - NO CUI


driftDetection enabled for Kyverno-policies: Error with BigBang Kyverno-policies

Invalid ClusterPolicy and PolicyException

I encountered an issue while running the BigBang kyverno-policies with driftDetection: enabled. The ClusterPolicy for update-automountserviceaccounttokens is failing due to multiple resources.names fields being invalid (type "null" instead of an array). Additionally, the PolicyExceptions require-non-root-group-exception and require-non-root-user-exception are failing due to undeclared fields in the schema.


PolicyException/kyverno/require-non-root-group-exception dry-run failed: failed to create typed patch object (kyverno/require-non-root-group-exception; kyverno.io/v2alpha1, Kind=PolicyException): .namespace: field not declared in schema, PolicyException/kyverno/require-non-root-user-exception dry-run failed: failed to create typed patch object (kyverno/require-non-root-user-exception; kyverno.io/v2alpha1, Kind=PolicyException): .namespace: field not declared in schema

doc: https://fluxcd.io/flux/components/helm/helmreleases/#drift-detection

Edited by Abimbola Abiola
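
A pre-flight check for the two error classes reported above, as an added example that is not part of the original issue or the Big Bang chart: it flags any `resources.names` set to null and any top-level field outside the standard object layout. The sample manifests are constructed for illustration, and loading them as Python dicts is an assumption (rendered YAML would need a parser first).

```python
# Added example: lint manifests for the two error classes in this issue.
# The manifests below are constructed samples, not the chart's real templates.

ALLOWED_TOP_LEVEL = {"apiVersion", "kind", "metadata", "spec", "status"}


def find_null_names(node, path=""):
    """Yield the path of every resources.names that is null instead of a list."""
    if isinstance(node, dict):
        for key, value in node.items():
            child = f"{path}.{key}"
            if (key == "resources" and isinstance(value, dict)
                    and "names" in value and value["names"] is None):
                yield f"{child}.names"
            yield from find_null_names(value, child)
    elif isinstance(node, list):
        for i, item in enumerate(node):
            yield from find_null_names(item, f"{path}[{i}]")


def lint_manifest(manifest):
    """Return findings for one manifest, worded like the dry-run errors."""
    ident = f'{manifest.get("kind")}/{manifest.get("metadata", {}).get("name")}'
    findings = []
    # Fields outside the standard layout fail a strict schema check.
    for key in sorted(set(manifest) - ALLOWED_TOP_LEVEL):
        findings.append(f"{ident}: .{key}: field not declared in schema")
    for p in find_null_names(manifest.get("spec", {}), ".spec"):
        findings.append(f"{ident}: {p}: expected array, got null")
    return findings


SAMPLE_POLICY = {  # constructed: one rule renders names as null
    "apiVersion": "kyverno.io/v1",
    "kind": "ClusterPolicy",
    "metadata": {"name": "update-automountserviceaccounttokens"},
    "spec": {"rules": [
        {"name": "r0", "match": {"any": [
            {"resources": {"kinds": ["Pod"], "names": None}}]}},
        {"name": "r1", "match": {"any": [
            {"resources": {"kinds": ["Pod"], "names": ["default"]}}]}},
    ]},
}

SAMPLE_EXCEPTION = {  # constructed: namespace placed at the object root
    "apiVersion": "kyverno.io/v2alpha1",
    "kind": "PolicyException",
    "namespace": "kyverno",
    "metadata": {"name": "require-non-root-group-exception"},
    "spec": {"exceptions": [], "match": {"any": []}},
}
```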