Max Smythe

It's actively being worked on. I don't want to project a date, but here is a PR that is starting the work stream: https://github.com/open-policy-agent/gatekeeper/pull/2062 Once that gets submitted, the next...

+1 to supporting better code reuse. We have the beginnings of that in the `libs` field of the constraint template. That is intended so that code may be safely shared...

> I'd love to see this potentially be extended into either loading common libs from ConfigMaps as is kinda-sorta the case for vanilla OPA, or else see a CRD created...

The library is probably a better candidate for semver versioning than most, as its interface is pretty well defined. Another option could be to fork the repo and point ArgoCD...

If you run `kubectl get api-resources` do these resources show up in the results? Gatekeeper uses kubernetes' discovery API. It can't know whether given resources are auditable if they are...

1. What you are trying to do should be possible. Although you should know that Gatekeeper currently fails-open while we are building out our reliability story in order to avoid...

So this is a function of the K8s version, not Gatekeeper version? I wonder if the output of an API call changed. Can you give more of the relevant log...

Rego doesn't allow us to modify execution flow, but with the changes @willbeason is working on we will have more control over things like parallel execution. IIRC his analysis showed...

Generally speaking, ConfigMaps can be mutated, but what's happening here is that you are trying to mutate the inside of an opaque string. For the cited resource: ``` apiVersion: v1...

It should be possible to replace the opaque text in its entirety using current behaviors.