gatekeeper
gatekeeper copied to clipboard
🐊 Gatekeeper - Policy Controller for Kubernetes
**What steps did you take and what happened:** [A clear and concise description of what the bug is.] Deployed gatekeeper release using prebuilt image with following command kubectl apply -f...
I have these changes more or less ready to go but I was unsure about the best way to integrate with auditing, so I would appreciate any feedback on that....
1. Upgraded GKE K8S cluster from v1.19.15 to v1.20.12 2. Noticed logs were not being ingested into logstash due to an Invalid FieldReference on [log][constraints][]. 3. Tracked it down to...
**Describe the solution you'd like** We have an existing custom mutation that we would like to replace with a GateKeeper policy. The mutation adds spec.loadBalancerSourceRanges to a Service but *only*...
**Describe the solution you'd like** Support check constraints in parallel when review a request, use this way to speed up review when using External Data feature or using `http.send` in...
**Describe the solution you'd like** Looks like we are missing docs for `exempt-namespace-prefix` https://open-policy-agent.github.io/gatekeeper/website/docs/v3.6.x/exempt-namespaces/ ref #1193
**Describe the solution you'd like** [A clear and concise description of what you want to happen.] **Anything else you would like to add:** [Miscellaneous information that will assist in solving...
From https://bugzilla.redhat.com/show_bug.cgi?id=2010219 (see for kyverno example using `preconditions`) Currently, it is not possible to truncate "unreasonably" large/short values in a mutation policy. In this way, the mutating webhook only truncates...
The metrics reporting functions are found in a variety of locations as of the creation of this bug: ```shell ❯ find ./pkg -name "stats_reporter.go" ./pkg/controller/mutators/stats_reporter.go ./pkg/controller/constrainttemplate/stats_reporter.go ./pkg/controller/sync/stats_reporter.go ./pkg/controller/constraint/stats_reporter.go ./pkg/audit/stats_reporter.go ./pkg/mutation/stats_reporter.go...
on v3.7.0 I'm using the helm value `disableMutation=true` but still get ``` ["CustomResourceDefinition", "assign.mutations.gatekeeper.sh"], ["CustomResourceDefinition", "assignmetadata.mutations.gatekeeper.sh"], ["CustomResourceDefinition", "modifyset.mutations.gatekeeper.sh"], ["CustomResourceDefinition", "mutatorpodstatuses.status.gatekeeper.sh"], ``` ... I think they should not be generated since...