-
Notifications
You must be signed in to change notification settings - Fork 236
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug] Kyverno verifyimage policy does'nt working correctly #1128
Labels
bug
Something isn't working
Comments
Please properly format your manifests so we can review them. |
I have formatted the manifest, Can you check now? |
Hi @chipzoller, Any update on above? |
What do the logs for the admission controller say when you compare a pass to a fail? What is the exact version of Kyverno used here? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Kyverno Version
1.12
Kubernetes Version
1.29
Kubernetes Platform
EKS
Description
when I first apply an imageVerification policy with validationfailureaction to Audit, the first pod that is signed that already deployed gets a warning saying it isn't signed in policyreport, but when I delete it and redeploy it a second time it is working.
Here is the kyverno policy.
Steps to reproduce
1.I created a policy for image verification against my aws public key
2.I deploy a pod with a signed image that should pass (confirmed via cosign)
3.I check the report and it says it failed
4.I delete the pod
5.I recreate the pod, and this time it passes in the report
Expected behavior
It should work with audit mode if image is signed then it must show pass.
Screenshots
No response
Kyverno logs
No response
Slack discussion
No response
Troubleshooting
The text was updated successfully, but these errors were encountered: