Xinhe Li
For volume related policies, if the violated volume is not mounted or is mounted on an excluded container, it will not report a violation. HostNamespace if all images in this pod are excluded,...
# Context It is about one requirement that wants to set policy parameter value on container level. Original issue link is https://github.com/Azure/azure-policy/issues/890 Currently, I can provide a workaround for this...
#### Details of the scenario you tried and the problem that is occurring Hi, I am working on some AKS policies that may need to add some judgements in 'if' field...
**What this PR does / why we need it**: **Which issue(s) does this PR fix** *(optional, using `fixes #(, fixes #, ...)` format, will close the issue(s) when the PR...
Hi gatekeeper-library, In apparmor constraint template, we set up the rule to block containers using apparmor that does not exist in the parameter `allowedProfiles` https://github.com/open-policy-agent/gatekeeper-library/blob/master/library/pod-security-policy/apparmor/template.yaml However, in the [apparmor api doc](https://kubernetes.io/docs/tutorials/security/apparmor/#api-reference), it is...
Hi team, I am reading the structure of trust policy properties, might have one question about `registryScopes` https://github.com/notaryproject/specifications/blob/main/specs/trust-store-trust-policy.md#trust-policy-properties The article said `The scope field supports filtering based on fully qualified...
### What happened in your environment? When I create two store cr in my cluster. The first one is empty auth provider. The second is azure workload identity. My verification...