-
Notifications
You must be signed in to change notification settings - Fork 79
Troubleshooting
Kyverno has an internal mechanism to recreate PolicyReports in an fixed time interval. In this process Kyverno removes all results from existing PolicyReports and revalidate existing Resources, this recreations can happen in multiple steps. To prevent sending of recreated results Policy Reporter waits for all new PolicyReport updates after a PolicyReport was resetted for 20 seconds, until it checks for new violations. Depending on the amount of resources and Kyverno policies 20 seconds may not enough for Kyverno to complete this recreation and Policy Reporter process incomplete PolicyReports which can lead to resending existing violations.
Increase the amount of seconds to wait for Policy Reporter by changing cleanupDebounceTime in your values.yaml. The default value is 20.