Set runtime security custom policy using config map #315
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Allow either adding a custom policy for runtime security or overriding the default one through a configmap.
Motivation
The default policy is part of the base image but was overridden by the configmap. Every time we bumped the
default policy we had to also bump the configmap. As the policy is tied to the runtime security agent, it
introduced hard to address compatibilities issues.
Additional Notes
Anything else we should know when reviewing?
Describe your test plan
Write there any instructions and details you may have to test your PR.