gatekeeper icon indicating copy to clipboard operation
gatekeeper copied to clipboard

Published 20 hours ago verified publisher icon open-policy-agent

Metadata

🐊 Gatekeeper - Policy Controller for Kubernetes

Results 271 gatekeeper issues
Sort by recently updated
recently updated
newest added

mutation "location" part of applyTo

8 comment

**Describe the solution you'd like** I want to apply the same mutation to objects w/ slightly different structure. Without writing duplicate mutation specs. ``` spec: match: scope: Namespaced kinds: [...

jdef avatar jdef

enhancement
mutation
need more discussion

config/ dependencies are not self-contained, depends on top-level vendor/

5 comment

**What steps did you take and what happened:** In spirit... ```bash :; tar cfz config.tgz config/ ## .. some later point :; tar zxf config.tgz :; kustomize build config/ |...

jdef avatar jdef

bug
question

OPA decision logs

4 comment

When using gatekeeper, is OPA decision logs API still available and how to access it? https://www.openpolicyagent.org/docs/latest/management/#decision-logs If not, is there any alternative ways to collect these logs for reporting purpose?

ycao56 avatar ycao56

question

Document how to configure bundle and services

7 comment

**Describe the solution you'd like** In https://github.com/open-policy-agent/opa/issues/721, they talked about services and bundles but I wasn't able to find any documentations on how to set this up. There is this...

eatwithforks avatar eatwithforks

enhancement
external data

Using Gatekeeper to Lock Down Google Config Connector (and other CRDs)

5 comment

I am trying to setup GK to govern what sort of GCP resources our developers are allowed to create via the [Google Config Connector](https://cloud.google.com/config-connector/docs/overview) controller. This controller interacts with GCP...

james-mcgoodwin avatar james-mcgoodwin

Why does gatekeeper implement admission webhook but not authorization webhook?

9 comment

I want an [authorization webhook](https://kubernetes.io/docs/reference/access-authn-authz/webhook/) using OPA rules and engine. But for now, I found gatekeeper implement [admission webhook](https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/) but not authorization webhook. Then I need implement authorization webhook by...

answer1991 avatar answer1991

enhancement
triaged

Create documentation aimed at "gatekeeper admins"

7 comment

We need to explain how people can manage Gatekeeper installations. Some things that come to mind: * How do you install and upgrade Gatekeeper (gotchas?) * How do you secure...

tsandall avatar tsandall

docs

nodeSelector value for gatekeeper-update-namespace-label job

2 comment

**Describe the solution you'd like** When installing gatekeeper on the cluster which has both amd and arm nodes, the pod gatekeeper-update-namespace-label could be scheduled on the arm node. Then there...

pinlast avatar pinlast

enhancement

Unable to monitor labels if they are generated from helpers.tpl

3 comment

**What steps did you take and what happened:** I'm trying to deploy one policy which checks for one specific key/value from deployments labels. As we can see that below labels...

azizzoaib786 avatar azizzoaib786

bug

Add Conditionals to AssignMetadata

2 comment

**Describe the solution you'd like** In the Documentation here : https://open-policy-agent.github.io/gatekeeper/website/docs/mutation#assignmetadata It is said that : " Each mutation CRD can be divided into 3 distinct sections: extent of changes...

mgzam avatar mgzam

enhancement

Metadata

3.5k
Stars
731
Forks
Watchers

Owner

verified publisher icon open-policy-agent

Metadata

🐊 Gatekeeper - Policy Controller for Kubernetes

Back