Allow to parameterize the policies
as42sl opened this issue · comments
Do you have a plan for parameterizing the policies to avoid duplicated code?
For example when I want to deny multiple namespaces I could write generic code that gets the namespace as a parameter and then create multiple JsPolicy files that reference the same JsPolicyBundle:
apiVersion: policy.jspolicy.com/v1beta1
kind: JsPolicy
metadata:
name: "deny-default-namespace.example.com"
spec:
bundle: "deny-namespace.example.com"
operations: ["CREATE"]
resources: ["*"]
scope: Namespaced
parameters:
namespace: default
apiVersion: policy.jspolicy.com/v1beta1
kind: JsPolicy
metadata:
name: "deny-other-namespace.example.com"
spec:
bundle: "deny-namespace.example.com"
operations: ["CREATE"]
resources: ["*"]
scope: Namespaced
parameters:
namespace: other