Feature: improve policy scanning logic

[deggja]

Description:

Currently, a pod will be marked as covered if it is targeted by a policy. We dont do much as far as analysing the ingress and egress rules inside the policy goes. We simply check if it has rules or not to determine what type of policy it is.

Goal:

We should improve the scanning logic so that once it has detected a policy, this poilicy should be scanned to determine what the policy is actually doing for the pod as far as cover go.

[roopeshsn]

Description:

Currently, a pod will be marked as covered if it is targeted by a policy. We dont do much as far as analysing the ingress and egress rules inside the policy goes. We simply check if it has rules or not to determine what type of policy it is.

Goal:

We should improve the scanning logic so that once it has detected a policy, this poilicy should be scanned to determine what the policy is actually doing for the pod as far as cover go.

Do you have an idea of how to actually implement this?

[deggja]

@roopeshsn I was talking to some users and friends about this while testing the core functionality a while ago. I think this goes hand in hand with this: #108

Once the functionality for scanning a specific policy is in place, I think it would make sense to build on that to include some version of that functionality in the main scanning logic as well.