Based on this issue, it was decided to perform strict validation of objects specified in the policy to avoid an infinite loop where a policy constantly enforces an object definition with an invalid key since after enforcing, the invalid key is normally silently dropped by the API. This will be targeted for 2.6.1. Here is the upstream PR: https://github.com/open-cluster-management-io/config-policy-controller/pull/63
Verified on 2.6.2-FC1 build. Will report violation message about unknown field.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: Red Hat Advanced Cluster Management 2.6.2 security update and bug fixes), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:7313