Kubewarden Admission Controller - Monorepo

June 26, 2026 ยท View on GitHub

Kubewarden Core Repository Stable Artifact HUB OpenSSF Best Practices FOSSA Status OpenSSF Scorecard CLOMonitor

Kubewarden is a Kubernetes Dynamic Admission Controller that uses policies written in WebAssembly.

For more information refer to the official Kubewarden website.

Kubewarden Admission Controller - Monorepo

This repository is a monorepo containing the source code for all the different components of the Kubewarden Admission Controller:

  • adm-controller: A Kubernetes controller that allows you to dynamically register Kubewarden admission policies and reconcile them with the Kubernetes webhooks of the cluster where it's deployed
  • policy-server: The runtime component that evaluates admission policies written in WebAssembly
  • audit-scanner: A component that scans existing resources in the cluster against registered policies
  • kwctl: A CLI tool for testing and managing Kubewarden policies

Documentation

The full and exhaustive documentation is available at docs.kubewarden.io.

The docs/ folder contains README files for each component:

Installation

The adm-controller can be deployed using a Helm chart. For instructions, see https://charts.kubewarden.io.

Please refer to our quickstart for more details.

Note: This chart replaces the three separate charts that were used previously: kubewarden-crds, kubewarden-controller, and kubewarden-defaults.

Migration from three-chart setup

Please refer to the migration guide in the documentation for instructions on migrating from the legacy kubewarden-crds, kubewarden-controller, and kubewarden-defaults charts to the unified admission-controller chart.

Configuration

Defaults

The chart can deploy a default Policy Server and recommended policies:

policyServer:
  enabled: true
  replicaCount: 1
  # ... (see values.yaml for full options)

recommendedPolicies:
  enabled: false # disabled by default
  defaultPolicyMode: "monitor"
  allowPrivilegeEscalationPolicy:
    # ... (see values.yaml)

These resources are owned and reconciled by the controller. Manual changes are reverted on the next reconciliation. Setting enabled to false removes all managed resources.

CRDs

CRDs are installed with the helm.sh/resource-policy: keep annotation:

  • helm upgrade updates CRDs normally
  • helm uninstall does not delete CRDs, which prevents cascade-deletion of all PolicyServers and policies in the cluster

Reinstalling under a different release name or namespace

Because the CRDs are kept on uninstall, they survive with the Helm ownership metadata of the release that created them (meta.helm.sh/release-name and meta.helm.sh/release-namespace). Helm checks this metadata on the next install:

  • Same release name and namespace: Helm adopts the existing CRDs and the install succeeds.

  • Different release name or namespace: Helm refuses to take over the CRDs and the install fails with:

    Error: ... invalid ownership metadata; annotation
    meta.helm.sh/release-name must equal "<new>": current value is "<old>"
    

This is expected: the CRDs still belong to the previous release. To adopt them into the new release, install with --take-ownership (Helm 3.18+ or Helm 4), which re-stamps the ownership metadata:

helm install <release> <chart> -n <namespace> --take-ownership

Uninstall

helm uninstall kubewarden-controller -n kubewarden

This removes:

  • The controller Deployment
  • Managed defaults (resources labeled kubewarden.io/managed-by=kubewarden-controller-defaults)
  • ConfigMaps, Secrets, Services

It does not remove:

  • CRDs (kept by helm.sh/resource-policy: keep)
  • User-managed PolicyServers and policies

To remove CRDs after uninstall:

kubectl delete crd policyservers.policies.kubewarden.io
kubectl delete crd clusteradmissionpolicies.policies.kubewarden.io
kubectl delete crd admissionpolicies.policies.kubewarden.io
kubectl delete crd clusteradmissionpolicygroups.policies.kubewarden.io
kubectl delete crd admissionpolicygroups.policies.kubewarden.io

Software bill of materials & provenance

All Kubewarden components has its software bill of materials (SBOM) and build Provenance information published every release. It follows the SPDX format and SLSA provenance schema. Both of the files are generated by Docker buildx during the build process and stored in the container registry together with the container image as well as upload in the release page.

You can find them together with the signature and certificate used to sign it in the release assets, and attached to the image as JSON-encoded documents following the in-toto SPDX predicate format. You can obtain them with crane or docker buildx imagetools inspect.

You can verify the container image with:

cosign verify-blob --certificate-oidc-issuer=https://token.actions.githubusercontent.com  \
    --certificate-identity="https://github.com/kubewarden/adm-controller/.github/workflows/attestation.yml@<TAG TO VERIFY>" \
    --bundle controller-attestation-amd64-provenance.intoto.jsonl.bundle.sigstore \
    controller-attestation-amd64-provenance.intoto.jsonl

To verify the attestation manifest and its layer signatures:

cosign verify --certificate-oidc-issuer=https://token.actions.githubusercontent.com  \
    --certificate-identity="https://github.com/kubewarden/adm-controller/.github/workflows/attestation.yml@<TAG TO VERIFY>" \
    ghcr.io/kubewarden/adm-controller/controller@sha256:1abc0944378d9f3ee2963123fe84d045248d320d76325f4c2d4eb201304d4c4e

Note

All the commands and file locations used in this section to validate the controller components can be used to verify all the others Kubewarden components as well.

That sha256 hash is the digest of the attestation manifest or its layers. Therefore, you need to find this hash in the registry using the UI or tools like crane. For example, the following command will show you all the attestation manifests of the latest tag:

crane manifest  ghcr.io/kubewarden/adm-controller/controller:latest | jq '.manifests[] | select(.annotations["vnd.docker.reference.type"]=="attestation-manifest")'
{
  "mediaType": "application/vnd.oci.image.manifest.v1+json",
  "digest": "sha256:fc01fa6c82cffeffd23b737c7e6b153357d1e499295818dad0c7d207f64e6ee8",
  "size": 1655,
  "annotations": {
    "vnd.docker.reference.digest": "sha256:611d499ec9a26034463f09fa4af4efe2856086252d233b38e3fc31b0b982d369",
    "vnd.docker.reference.type": "attestation-manifest"
  },
  "platform": {
    "architecture": "unknown",
    "os": "unknown"
  }
}
{
  "mediaType": "application/vnd.oci.image.manifest.v1+json",
  "digest": "sha256:e0cd736c2241407114256e09a4cdeef55eb81dcd374c5785c4e5c9362a0088a2",
  "size": 1655,
  "annotations": {
    "vnd.docker.reference.digest": "sha256:03e5db83a25ea2ac498cf81226ab8db8eb53a74a2c9102e4a1da922d5f68b70f",
    "vnd.docker.reference.type": "attestation-manifest"
  },
  "platform": {
    "architecture": "unknown",
    "os": "unknown"
  }
}

Then you can use the digest field to verify the attestation manifest and its layers signatures.

cosign verify --certificate-oidc-issuer=https://token.actions.githubusercontent.com  \
    --certificate-identity="https://github.com/kubewarden/adm-controller/.github/workflows/attestation.yml@<TAG TO VERIFY>" \
    ghcr.io/kubewarden/adm-controller/controller@sha256:fc01fa6c82cffeffd23b737c7e6b153357d1e499295818dad0c7d207f64e6ee8

crane manifest  ghcr.io/kubewarden/adm-controller/controller@sha256:fc01fa6c82cffeffd23b737c7e6b153357d1e499295818dad0c7d207f64e6ee8
{
  "schemaVersion": 2,
  "mediaType": "application/vnd.oci.image.manifest.v1+json",
  "config": {
    "mediaType": "application/vnd.oci.image.config.v1+json",
    "digest": "sha256:eda788a0e94041a443eca7286a9ef7fce40aa2832263f7d76c597186f5887f6a",
    "size": 463
  },
  "layers": [
    {
      "mediaType": "application/vnd.in-toto+json",
      "digest": "sha256:563689cdee407ab514d057fe2f8f693189279e10bfe4f31f277e24dee00793ea",
      "size": 94849,
      "annotations": {
        "in-toto.io/predicate-type": "https://spdx.dev/Document"
      }
    },
    {
      "mediaType": "application/vnd.in-toto+json",
      "digest": "sha256:7ce0572628290373e17ba0bbb44a9ec3c94ba36034124931d322ca3fbfb768d9",
      "size": 7363045,
      "annotations": {
        "in-toto.io/predicate-type": "https://spdx.dev/Document"
      }
    },
    {
      "mediaType": "application/vnd.in-toto+json",
      "digest": "sha256:dacf511c5ec7fd87e8692bd08c3ced2c46f4da72e7271b82f1b3720d5b0a8877",
      "size": 71331,
      "annotations": {
        "in-toto.io/predicate-type": "https://spdx.dev/Document"
      }
    },
    {
      "mediaType": "application/vnd.in-toto+json",
      "digest": "sha256:594da3e8bd8c6ee2682b0db35857933f9558fd98ec092344a6c1e31398082f4d",
      "size": 980,
      "annotations": {
        "in-toto.io/predicate-type": "https://spdx.dev/Document"
      }
    },
    {
      "mediaType": "application/vnd.in-toto+json",
      "digest": "sha256:7738d8d506c6482aaaef1d22ed920468ffaf4975afd28f49bb50dba2c20bf2ca",
      "size": 13838,
      "annotations": {
        "in-toto.io/predicate-type": "https://slsa.dev/provenance/v0.2"
      }
    }
  ]
}

cosign verify --certificate-oidc-issuer=https://token.actions.githubusercontent.com  \
    --certificate-identity="https://github.com/kubewarden/adm-controller/.github/workflows/attestation.yml@<TAG TO VERIFY>" \
    ghcr.io/kubewarden/adm-controller/controller@sha256:594da3e8bd8c6ee2682b0db35857933f9558fd98ec092344a6c1e31398082f4d

Note that each attestation manifest (for each architecture) has its own layers. Each layer is a different SBOM SPDX or provenance file generated by Docker Buildx during the multi stage build process. You can also use crane to download the attestation file:

crane blob ghcr.io/kubewarden/adm-controller/controller@sha256:7738d8d506c6482aaaef1d22ed920468ffaf4975afd28f49bb50dba2c20bf2ca

Security disclosure

See SECURITY.md on the kubewarden/community repo.

Changelog

See GitHub Releases content.