policy-reporter
Monitoring and observability for policy engine results
Component Information
| Property | Value |
|---|---|
| Chart Version | 3.5.0 |
| Chart Type | application |
| Upstream Project | policy-reporter |
| Maintainers | Platform Engineering Team (repo) |
Why Policy Reporter?
Policy Reporter aggregates PolicyReport CRDs generated by Kyverno and presents them in a dashboard. It provides visibility into policy compliance across the cluster.
Without Policy Reporter, you’d need to query PolicyReport resources directly using kubectl or write custom tooling. Policy Reporter provides a web UI, exports metrics to Prometheus, and can send notifications when violations occur.
It’s specifically designed to work with Kyverno’s PolicyReport outputs, making it a natural fit for this platform.
Architecture Role
Policy Reporter sits at Layer 3 of the platform, the Developer-Facing Applications layer. It’s a visualization tool for policy compliance.
Key integration points:
- Kyverno: Consumes PolicyReport CRDs generated by Kyverno
- Prometheus: Exposes policy compliance metrics
- Gateway API: Exposed via HTTPRoute for accessing the dashboard
Policy Reporter watches for PolicyReport resources and updates its internal state. The dashboard shows current compliance status and historical trends.
Configuration Values
policy-reporter
Component Information
| Property | Value |
|---|---|
| Chart Version | 3.5.0 |
| Chart Type | `` |
| Upstream Project | N/A |
Configuration Values
The following table lists the configurable parameters:
Values
| Key | Type | Default | Description |
|---|---|---|---|
| policyReporter.resources | object | {"limits":{"cpu":"200m","memory":"128Mi"},"requests":{"cpu":"50m","memory":"64Mi"}} |
Resource requests and limits for the core engine. |
| policyReporter.resources.limits.cpu | string | "200m" |
CPU limit for Policy Reporter |
| policyReporter.resources.limits.memory | string | "128Mi" |
Memory limit for Policy Reporter |
| policyReporter.resources.requests.cpu | string | "50m" |
CPU request for Policy Reporter |
| policyReporter.resources.requests.memory | string | "64Mi" |
Memory request for Policy Reporter |
| priorityClassName | string | "platform-observability" |
Priority class for Policy Reporter |
| ui.enabled | bool | true |
Enables the deployment of the Policy Reporter UI. |
| ui.resources | object | {"limits":{"cpu":"100m","memory":"128Mi"},"requests":{"cpu":"50m","memory":"64Mi"}} |
Resource requests and limits for the UI. |
| ui.resources.limits.cpu | string | "100m" |
CPU limit for the UI |
| ui.resources.limits.memory | string | "128Mi" |
Memory limit for the UI |
| ui.resources.requests.cpu | string | "50m" |
CPU request for the UI |
| ui.resources.requests.memory | string | "64Mi" |
Memory request for the UI |