gatekeeper
gatekeeper copied to clipboard
🐊 Gatekeeper - Policy Controller for Kubernetes
**Describe the solution you'd like** I want to apply the same mutation to objects w/ slightly different structure. Without writing duplicate mutation specs. ``` spec: match: scope: Namespaced kinds: [...
**What steps did you take and what happened:** In spirit... ```bash :; tar cfz config.tgz config/ ## .. some later point :; tar zxf config.tgz :; kustomize build config/ |...
When using gatekeeper, is OPA decision logs API still available and how to access it? https://www.openpolicyagent.org/docs/latest/management/#decision-logs If not, is there any alternative ways to collect these logs for reporting purpose?
**Describe the solution you'd like** In https://github.com/open-policy-agent/opa/issues/721, they talked about services and bundles but I wasn't able to find any documentations on how to set this up. There is this...
I am trying to setup GK to govern what sort of GCP resources our developers are allowed to create via the [Google Config Connector](https://cloud.google.com/config-connector/docs/overview) controller. This controller interacts with GCP...
I want an [authorization webhook](https://kubernetes.io/docs/reference/access-authn-authz/webhook/) using OPA rules and engine. But for now, I found gatekeeper implement [admission webhook](https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/) but not authorization webhook. Then I need implement authorization webhook by...
We need to explain how people can manage Gatekeeper installations. Some things that come to mind: * How do you install and upgrade Gatekeeper (gotchas?) * How do you secure...
**Describe the solution you'd like** When installing gatekeeper on the cluster which has both amd and arm nodes, the pod gatekeeper-update-namespace-label could be scheduled on the arm node. Then there...
**What steps did you take and what happened:** I'm trying to deploy one policy which checks for one specific key/value from deployments labels. As we can see that below labels...
**Describe the solution you'd like** In the Documentation here : https://open-policy-agent.github.io/gatekeeper/website/docs/mutation#assignmetadata It is said that : " Each mutation CRD can be divided into 3 distinct sections: extent of changes...