would like to ask about the design decision in the Compliance Operator regarding compliance scan results.
Currently, for cluster-level compliance scans, the Compliance Operator does not appear to retain or expose node-level check results. This makes it difficult to identify which specific node failed a compliance check.
In scenarios where multiple nodes are added to the cluster at once, if a compliance scan fails, it would be very helpful to clearly know which node(s) caused the failure and which checks failed on those nodes.
Could you please explain:
• Why node-level compliance check results are not retained or exposed?
• Is this a known limitation or an intentional design choice?
• Are there any plans or recommended approaches to obtain per-node compliance results in such scenarios?
Thank you for your help and clarification.
would like to ask about the design decision in the Compliance Operator regarding compliance scan results.
Currently, for cluster-level compliance scans, the Compliance Operator does not appear to retain or expose node-level check results. This makes it difficult to identify which specific node failed a compliance check.
In scenarios where multiple nodes are added to the cluster at once, if a compliance scan fails, it would be very helpful to clearly know which node(s) caused the failure and which checks failed on those nodes.
Could you please explain:
• Why node-level compliance check results are not retained or exposed?
• Is this a known limitation or an intentional design choice?
• Are there any plans or recommended approaches to obtain per-node compliance results in such scenarios?
Thank you for your help and clarification.