Skip to content

Docs/validating policy auto conversion #1644

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
hiirrxnn wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Docs/validating policy auto conversion #1644

hiirrxnn wants to merge 1 commit into from
+888 −115

Conversation

@hiirrxnn
Copy link
Contributor

@hiirrxnn hiirrxnn commented Aug 8, 2025

Description

This PR addresses issue #1600 by adding comprehensive documentation for the ValidatingPolicy to ValidatingAdmissionPolicy auto-conversion feature introduced in Kyverno 1.15.

Changes Made

📖 Documentation Updates

  • Enhanced ValidatingPolicy documentation with dedicated auto-conversion section
  • Added configuration examples showing how to enable and use auto-conversion
  • Documented performance benefits with specific benchmark data (25% latency improvement, up to 80% CPU reduction)
  • Added prerequisites section for Kubernetes and Kyverno configuration
  • Expanded troubleshooting guide with common issues and solutions
  • Added migration guidance from ClusterPolicy to ValidatingPolicy with auto-conversion

🚀 Key Features Documented

  • Auto-conversion workflow and architecture
  • Configuration options and RBAC requirements
  • Generated resource structure and lifecycle management
  • Performance improvements and benchmark results
  • Limitations and compatibility considerations
  • Monitoring and status verification commands

📋 Files Modified

  • content/en/docs/policy-types/validating-policy/_index.md - Main documentation updates
  • content/en/docs/policy-types/validating-policy/examples/auto-conversion-basic.yaml - Basic example
  • content/en/docs/policy-types/validating-policy/examples/auto-conversion-advanced.yaml - Advanced example
  • content/en/docs/policy-types/validating-policy/rbac-example.yaml - RBAC configuration

Testing

  • All YAML examples validated for syntax
  • Links verified and functional
  • Documentation builds successfully in Hugo
  • Examples tested against Kyverno 1.15

Performance Impact

This documentation change has no performance impact on Kyverno itself, but documents features that provide:

  • 25% average latency improvement for policy evaluation
  • Up to 80% CPU reduction in single-replica deployments
  • 44% faster response times under heavy load scenarios
  • 59% less memory usage in multi-replica configurations

Related Issues

Screenshots

N/A - Documentation changes only

Reviewer Notes:
This documentation fills a critical gap for users wanting to leverage the significant performance benefits of ValidatingPolicy auto-conversion. The content includes practical examples, troubleshooting guidance, and clear migration paths from existing ClusterPolicies.

Key Improvements:

  1. Comprehensive auto-conversion coverage - Previously missing from documentation
  2. Practical examples - Both basic and advanced use cases with working YAML
  3. Performance benchmarks - Specific, measurable benefits clearly documented
  4. Troubleshooting support - Common issues and solutions for easier adoption
  5. Migration guidance - Clear path from existing ClusterPolicy resources

@hiirrxnn hiirrxnn force-pushed the docs/validating-policy-auto-conversion branch from e0bd48b to d30d492 Compare August 8, 2025 18:13
@hiirrxnn
docs: document ValidatingPolicy auto-conversion to VAP
597412d 
Signed-off-by: hiirrxnn <hiren2004sharma@gmail.com>
@hiirrxnn hiirrxnn force-pushed the docs/validating-policy-auto-conversion branch from d30d492 to 597412d Compare August 8, 2025 18:14
@JimBugwadia
Copy link
Member

JimBugwadia commented Dec 30, 2025

@hiirrxnn - can you please help resolve the conflicts?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Enhancement] Auto-generate validatingadmissionpolicies from validatingpolicies

2 participants

@hiirrxnn @JimBugwadia