Gareth Healy
Gareth Healy
is this a dead policy, since PSP are now deprecated? - https://kubernetes.io/blog/2021/04/06/podsecuritypolicy-deprecation-past-present-and-future/
@viswajithiii ; any plans to support `Template`? in the same way, k8s `List` and `helm` are.
They are a way to provide a simple template for a list of resources (_pre-helm, started in OCP3_). Obviously, customers are migrating to better/other ways, but they are still used...
@jfroment ; i already have some code that does that as I required it for OPA policies I was writing. - https://github.com/redhat-cop/bats-library/blob/master/src/yaml-json-manipulation.bash It does a bit more than you've suggested,...
I'd expect the policy to be similar to: - https://github.com/redhat-cop/rego-policies/blob/1.4.0/policy/combine/namespace-has-networkpolicy/src.rego
I'd expect the policy to be similar to: - https://github.com/redhat-cop/rego-policies/blob/1.4.0/policy/ocp/bestpractices/common-k8s-labels-notset/src.rego
Starter for 10: 1. redhat-cop.github.com/owner 2. redhat-cop.github.com/project 3. redhat-cop.github.com/business-unit 4. redhat-cop.github.com/technology
CC @gabemontero
Also, to use `conftest push`, it needs to conform to OCI spec which looking at the below, is hardly any: - https://conformance.opencontainers.org/distribution-spec/
https://github.com/artifacthub/hub/issues/554