Policy Reporter

License: MIT


Policy Reporter watches the Kubernetes PolicyReport and ClusterPolicyReport CRDs defined by the Kubernetes Policy Working Group and turns them into metrics, dashboards, and notifications. It does not itself evaluate policies; it consumes the reports produced by engines like Kyverno, Falco, Trivy Operator, jsPolicy, and kube-bench.

The core component is a Go controller that subscribes to PolicyReport changes and fans them out to multiple targets: Prometheus metrics on results per policy/category/severity, a REST API, and push targets such as Slack, Microsoft Teams, Discord, Elasticsearch, Loki, S3, Google Chat, Webhooks, and Jira. Each target supports filtering by namespace, policy, severity, and result status, which lets different teams subscribe to the subset of violations they care about without duplicating policy logic. A separate UI component provides a Vue-based dashboard that reads from the API and visualizes the current compliance state of a cluster.

Policy Reporter is effectively the reporting and alerting layer on top of the Kyverno stack and is what most teams use to surface policy failures from admission controllers into the same channels they already use for runtime alerts. It is MIT-licensed and part of the Kyverno GitHub organization.
