Dustin Decker
Dustin Decker
Actually, after a bit more thinking, I realized it's possible do this programmatically by converting go's http.Request to a curl command, and it looks like libraries already exist to do...
I think we might be able to do this with a custom roundtripper in the http.Client that we use for verification. It could use http2curl to print the output when...
Thanks for the heads up, Tom. Would you like to add those? If not, we can get those added sometime soon. The unique token prefix choice is definitely appreciated!
This change will only work if the input key is PKIX encoded. It will lead to a lot of incorrect results until we add full parsing and normalization support so...
Currently the GitHub public keys are a one-time import, but we will be improving that. The Certificate Transparency part is continuously indexed though.
Thanks for the suggestion! We weren't aware of this resource before.
You're right, and we'll add this soon. In the meantime the code base is small and auditable, and the builds are automated.
Under the hood, Isopod's Helm support render the manifests from the chart. So implementing Helm 3's tiller-less ability to read objects back during apply _might_ be non-trival. You can use...
Good idea. To facilitate checking labels or annotations for other `kinds` of resources, we could accept that in the configuration for a more generic policy: ``` type LabelConfig struct{ Kinds...
Agreed! Some custom counter metrics that come to mind: - Enforced violations by policy - Non-enforced violations by policy