feat: background audit config, severity and category annotations.

Updates policy metadata.yml file adding the new configuration to enabled background audit checks and adds two new annotations used by the audit scanner in its reports. Signed-off-by: José Guilherme Vanz <[email protected]>
kubewarden · Jul 7, 2023 · 24ebe0b · 24ebe0b
1 parent 2e0872d
commit 24ebe0b
Showing 1 changed file with 15 additions and 7 deletions.
diff --git a/metadata.yml b/metadata.yml
@@ -1,8 +1,13 @@
 rules:
-- apiGroups: [""]
-  apiVersions: ["v1"]
-  resources: ["pods"]
-  operations: ["CREATE", "UPDATE"]
+  - apiGroups:
+      - ''
+    apiVersions:
+      - v1
+    resources:
+      - pods
+    operations:
+      - CREATE
+      - UPDATE
 mutating: true
 contextAware: false
 executionMode: kubewarden-wapc
@@ -11,11 +16,14 @@ annotations:
   io.artifacthub.displayName: Selinux PSP
   io.artifacthub.resources: Pod
   io.artifacthub.keywords: psp, container, runtime, selinux
+  # kubewarden specific
   io.kubewarden.policy.ociUrl: ghcr.io/kubewarden/policies/selinux-psp
-  # rest
   io.kubewarden.policy.title: selinux-psp
-  io.kubewarden.policy.description: Replacement for the Kubernetes Pod Security Policy that controls the usage of SELinux
-  io.kubewarden.policy.author: "Kubewarden developers <[email protected]>"
+  io.kubewarden.policy.description: Replacement for the Kubernetes Pod Security Policy
+    that controls the usage of SELinux
+  io.kubewarden.policy.author: Kubewarden developers <[email protected]>
   io.kubewarden.policy.url: https://github.com/kubewarden/selinux-psp-policy
   io.kubewarden.policy.source: https://github.com/kubewarden/selinux-psp-policy
   io.kubewarden.policy.license: Apache-2.0
+  io.kubewarden.policy.category: PSP
+  io.kubewarden.policy.severity: medium