Priorities are used to decide if a result should be sent to a Target with configured
minimumPriority and how it should be displayed.
The priority of a PolicyReportResult depends by default on its result and severity value.
Options in ascending order are:
- Passed results have info priority
- Warn results have warning priority
- Error results have error priority
- Fail results without severities have warning priority
- Fail results with low severity have info priority
- Fail results with medium severity have warning priority
- Fail results with high severity have critical priority
If you want to change the priority of PolicyReportResults based on the Policy, you can configure a priority map. This map can assign one priority per policy or a default priority which is used for all results without severity or a concrete mapping to their related policy.
# values.yamlpolicyPriorities: # used for all fail results without severity or concrete mapping default: warning # used for all fail results of the require-ns-labels policy independent of the severity require-ns-labels: error
Kyverno supports several annotations for its policy CRDs to set additional information in the related PolicyReports. One of these annotations is
policies.kyverno.io/severity used to set the severity of the related PolicyReportResults. Possible options are
This allows you to define the priority of your results within the Kyverno policy itself.