From 7316fc93bc5d53dc0a3277b63f937bfe2973dc6a Mon Sep 17 00:00:00 2001 From: Flavio Castelli Date: Wed, 17 Jul 2024 09:54:37 +0200 Subject: [PATCH 1/2] fix: address failure when parsing policies.yml file There seeems to be issues with the usage of the `deny_unknown_fields` and untagged enumerations. serde ends up confused and complains about perfectly valid files. See https://github.com/serde-rs/serde/issues/1600 Signed-off-by: Flavio Castelli --- src/config.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/config.rs b/src/config.rs index 1b2e9bbf..62c584d3 100644 --- a/src/config.rs +++ b/src/config.rs @@ -333,7 +333,7 @@ impl PolicyGroupMember { /// Describes a policy that can be either an individual policy or a group policy. #[derive(Deserialize, Debug, Clone)] -#[serde(deny_unknown_fields, untagged, rename_all = "camelCase")] +#[serde(untagged, rename_all = "camelCase")] pub enum PolicyOrPolicyGroup { /// An individual policy Policy { From c2297bf42e9ede464e1b7510ebca8f628e7852ab Mon Sep 17 00:00:00 2001 From: Flavio Castelli Date: Wed, 17 Jul 2024 09:56:04 +0200 Subject: [PATCH 2/2] fix: update contents of the policy.yml.example file The contents of the file were based on the initial RFC format, which was then changed. Signed-off-by: Flavio Castelli --- policies.yml.example | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/policies.yml.example b/policies.yml.example index c7fee471..f94fae0c 100644 --- a/policies.yml.example +++ b/policies.yml.example @@ -8,7 +8,7 @@ psp-capabilities: required_drop_capabilities: ["KILL"] pod-image-signatures: # policy group policies: - - name: sigstore_pgp + sigstore_pgp: url: ghcr.io/kubewarden/policies/verify-image-signatures:v0.2.8 settings: signatures: 
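Review bot: Removing `deny_unknown_fields` from the `#[serde(...)]` attribute on `PolicyOrPolicyGroup` in src/config.rs means an unrecognised or misspelled key in policies.yml is now silently ignored instead of rejected, and nothing in the new code records that trade-off. For a file that configures admission policies this is a fail-open risk: a typo in a key would presumably leave the entry running with a default instead of failing at load time, and with `untagged` an entry carrying keys of both variants may simply match the first variant that fits. I would add a comment above the attribute, such as `// deny_unknown_fields intentionally omitted: it conflicts with untagged enums (serde-rs/serde#1600); unknown keys are NOT rejected here`. I would also add a regression test that parses policies.yml.example, and consider an explicit post-deserialization check for unexpected keys. The enum's variants lie outside this hunk, so the exact fields affected should be confirmed there.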
@@ -16,14 +16,14 @@ pod-image-signatures: # policy group pubKeys: - "-----BEGIN PUBLIC KEY-----xxxxx-----END PUBLIC KEY-----" - "-----BEGIN PUBLIC KEY-----xxxxx-----END PUBLIC KEY-----" - - name: sigstore_gh_action + sigstore_gh_action: url: ghcr.io/kubewarden/policies/verify-image-signatures:v0.2.8 settings: signatures: - image: "*" githubActions: owner: "kubewarden" - - name: reject_latest_tag + reject_latest_tag: url: ghcr.io/kubewarden/policies/trusted-repos-policy:v0.1.12 settings: tags: