Kubewarden Admission Controller - Monorepo
June 26, 2026 ยท View on GitHub
Kubewarden is a Kubernetes Dynamic Admission Controller that uses policies written in WebAssembly.
For more information refer to the official Kubewarden website.
Kubewarden Admission Controller - Monorepo
This repository is a monorepo containing the source code for all the different components of the Kubewarden Admission Controller:
- adm-controller: A Kubernetes controller that allows you to dynamically register Kubewarden admission policies and reconcile them with the Kubernetes webhooks of the cluster where it's deployed
- policy-server: The runtime component that evaluates admission policies written in WebAssembly
- audit-scanner: A component that scans existing resources in the cluster against registered policies
- kwctl: A CLI tool for testing and managing Kubewarden policies
Documentation
The full and exhaustive documentation is available at docs.kubewarden.io.
The docs/ folder contains README files for each component:
Installation
The adm-controller can be deployed using a Helm chart. For instructions, see https://charts.kubewarden.io.
Please refer to our quickstart for more details.
Note: This chart replaces the three separate charts that were used previously:
kubewarden-crds,kubewarden-controller, andkubewarden-defaults.
Migration from three-chart setup
Please refer to the migration
guide
in the documentation for instructions on migrating from the legacy
kubewarden-crds, kubewarden-controller, and kubewarden-defaults charts to
the unified admission-controller chart.
Configuration
Defaults
The chart can deploy a default Policy Server and recommended policies:
policyServer:
enabled: true
replicaCount: 1
# ... (see values.yaml for full options)
recommendedPolicies:
enabled: false # disabled by default
defaultPolicyMode: "monitor"
allowPrivilegeEscalationPolicy:
# ... (see values.yaml)
These resources are owned and reconciled by the controller. Manual
changes are reverted on the next reconciliation. Setting enabled
to false removes all managed resources.
CRDs
CRDs are installed with the helm.sh/resource-policy: keep annotation:
helm upgradeupdates CRDs normallyhelm uninstalldoes not delete CRDs, which prevents cascade-deletion of all PolicyServers and policies in the cluster
Reinstalling under a different release name or namespace
Because the CRDs are kept on uninstall, they survive with the Helm
ownership metadata of the release that created them
(meta.helm.sh/release-name and meta.helm.sh/release-namespace). Helm
checks this metadata on the next install:
-
Same release name and namespace: Helm adopts the existing CRDs and the install succeeds.
-
Different release name or namespace: Helm refuses to take over the CRDs and the install fails with:
Error: ... invalid ownership metadata; annotation meta.helm.sh/release-name must equal "<new>": current value is "<old>"
This is expected: the CRDs still belong to the previous release. To adopt
them into the new release, install with --take-ownership (Helm 3.18+ or
Helm 4), which re-stamps the ownership metadata:
helm install <release> <chart> -n <namespace> --take-ownership
Uninstall
helm uninstall kubewarden-controller -n kubewarden
This removes:
- The controller Deployment
- Managed defaults (resources labeled
kubewarden.io/managed-by=kubewarden-controller-defaults) - ConfigMaps, Secrets, Services
It does not remove:
- CRDs (kept by
helm.sh/resource-policy: keep) - User-managed PolicyServers and policies
To remove CRDs after uninstall:
kubectl delete crd policyservers.policies.kubewarden.io
kubectl delete crd clusteradmissionpolicies.policies.kubewarden.io
kubectl delete crd admissionpolicies.policies.kubewarden.io
kubectl delete crd clusteradmissionpolicygroups.policies.kubewarden.io
kubectl delete crd admissionpolicygroups.policies.kubewarden.io
Software bill of materials & provenance
All Kubewarden components has its software bill of materials (SBOM) and build Provenance information published every release. It follows the SPDX format and SLSA provenance schema. Both of the files are generated by Docker buildx during the build process and stored in the container registry together with the container image as well as upload in the release page.
You can find them together with the signature and certificate used to sign it
in the release
assets, and
attached to the image as JSON-encoded documents following the in-toto SPDX
predicate
format. You can obtain them with
crane
or docker buildx imagetools inspect.
You can verify the container image with:
cosign verify-blob --certificate-oidc-issuer=https://token.actions.githubusercontent.com \
--certificate-identity="https://github.com/kubewarden/adm-controller/.github/workflows/attestation.yml@<TAG TO VERIFY>" \
--bundle controller-attestation-amd64-provenance.intoto.jsonl.bundle.sigstore \
controller-attestation-amd64-provenance.intoto.jsonl
To verify the attestation manifest and its layer signatures:
cosign verify --certificate-oidc-issuer=https://token.actions.githubusercontent.com \
--certificate-identity="https://github.com/kubewarden/adm-controller/.github/workflows/attestation.yml@<TAG TO VERIFY>" \
ghcr.io/kubewarden/adm-controller/controller@sha256:1abc0944378d9f3ee2963123fe84d045248d320d76325f4c2d4eb201304d4c4e
Note
All the commands and file locations used in this section to validate the controller components can be used to verify all the others Kubewarden components as well.
That sha256 hash is the digest of the attestation manifest or its layers.
Therefore, you need to find this hash in the registry using the UI or tools
like crane. For example, the following command will show you all the
attestation manifests of the latest tag:
crane manifest ghcr.io/kubewarden/adm-controller/controller:latest | jq '.manifests[] | select(.annotations["vnd.docker.reference.type"]=="attestation-manifest")'
{
"mediaType": "application/vnd.oci.image.manifest.v1+json",
"digest": "sha256:fc01fa6c82cffeffd23b737c7e6b153357d1e499295818dad0c7d207f64e6ee8",
"size": 1655,
"annotations": {
"vnd.docker.reference.digest": "sha256:611d499ec9a26034463f09fa4af4efe2856086252d233b38e3fc31b0b982d369",
"vnd.docker.reference.type": "attestation-manifest"
},
"platform": {
"architecture": "unknown",
"os": "unknown"
}
}
{
"mediaType": "application/vnd.oci.image.manifest.v1+json",
"digest": "sha256:e0cd736c2241407114256e09a4cdeef55eb81dcd374c5785c4e5c9362a0088a2",
"size": 1655,
"annotations": {
"vnd.docker.reference.digest": "sha256:03e5db83a25ea2ac498cf81226ab8db8eb53a74a2c9102e4a1da922d5f68b70f",
"vnd.docker.reference.type": "attestation-manifest"
},
"platform": {
"architecture": "unknown",
"os": "unknown"
}
}
Then you can use the digest field to verify the attestation manifest and its
layers signatures.
cosign verify --certificate-oidc-issuer=https://token.actions.githubusercontent.com \
--certificate-identity="https://github.com/kubewarden/adm-controller/.github/workflows/attestation.yml@<TAG TO VERIFY>" \
ghcr.io/kubewarden/adm-controller/controller@sha256:fc01fa6c82cffeffd23b737c7e6b153357d1e499295818dad0c7d207f64e6ee8
crane manifest ghcr.io/kubewarden/adm-controller/controller@sha256:fc01fa6c82cffeffd23b737c7e6b153357d1e499295818dad0c7d207f64e6ee8
{
"schemaVersion": 2,
"mediaType": "application/vnd.oci.image.manifest.v1+json",
"config": {
"mediaType": "application/vnd.oci.image.config.v1+json",
"digest": "sha256:eda788a0e94041a443eca7286a9ef7fce40aa2832263f7d76c597186f5887f6a",
"size": 463
},
"layers": [
{
"mediaType": "application/vnd.in-toto+json",
"digest": "sha256:563689cdee407ab514d057fe2f8f693189279e10bfe4f31f277e24dee00793ea",
"size": 94849,
"annotations": {
"in-toto.io/predicate-type": "https://spdx.dev/Document"
}
},
{
"mediaType": "application/vnd.in-toto+json",
"digest": "sha256:7ce0572628290373e17ba0bbb44a9ec3c94ba36034124931d322ca3fbfb768d9",
"size": 7363045,
"annotations": {
"in-toto.io/predicate-type": "https://spdx.dev/Document"
}
},
{
"mediaType": "application/vnd.in-toto+json",
"digest": "sha256:dacf511c5ec7fd87e8692bd08c3ced2c46f4da72e7271b82f1b3720d5b0a8877",
"size": 71331,
"annotations": {
"in-toto.io/predicate-type": "https://spdx.dev/Document"
}
},
{
"mediaType": "application/vnd.in-toto+json",
"digest": "sha256:594da3e8bd8c6ee2682b0db35857933f9558fd98ec092344a6c1e31398082f4d",
"size": 980,
"annotations": {
"in-toto.io/predicate-type": "https://spdx.dev/Document"
}
},
{
"mediaType": "application/vnd.in-toto+json",
"digest": "sha256:7738d8d506c6482aaaef1d22ed920468ffaf4975afd28f49bb50dba2c20bf2ca",
"size": 13838,
"annotations": {
"in-toto.io/predicate-type": "https://slsa.dev/provenance/v0.2"
}
}
]
}
cosign verify --certificate-oidc-issuer=https://token.actions.githubusercontent.com \
--certificate-identity="https://github.com/kubewarden/adm-controller/.github/workflows/attestation.yml@<TAG TO VERIFY>" \
ghcr.io/kubewarden/adm-controller/controller@sha256:594da3e8bd8c6ee2682b0db35857933f9558fd98ec092344a6c1e31398082f4d
Note that each attestation manifest (for each architecture) has its own layers.
Each layer is a different SBOM SPDX or provenance file generated by Docker
Buildx during the multi stage build process. You can also use crane to
download the attestation file:
crane blob ghcr.io/kubewarden/adm-controller/controller@sha256:7738d8d506c6482aaaef1d22ed920468ffaf4975afd28f49bb50dba2c20bf2ca
Security disclosure
See SECURITY.md on the kubewarden/community repo.