rego-policies
rego-policies copied to clipboard
redhat-cop
Rego policies collection
Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.2.0 to 1.3.0. Release notes Sourced from helm/kind-action's releases. v1.3.0 What's Changed fix: #44 - Allow to configure kubectl version to use by @grzesuav in helm/kind-action#45 fix...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
prow is only used for "chatops" in this repo, so can be disabled: - https://github.com/redhat-cop/org/issues/459
The operator.openshift.io/v1beta1 API group for the descheduler is deprecated and might be removed in a future release. Use the operator.openshift.io/v1 API group instead. https://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/release_notes/ocp-4-8-release-notes#ocp-4-8-deprecated-features
Can we OPA'erize: - https://github.com/tektoncd/triggers/blob/master/config/101-podsecuritypolicy.yaml This would probably need to be tested on vanilla k8s or on OCP with SCCs least enforcing, just to stop them interfering - needs a...
See: - https://github.com/tektoncd/triggers/issues/610
Can this be extended? - https://github.com/tektoncd/catalog/tree/master/task/conftest/0.1 Can we provide more docs/examples linked back to this repo? One use case I see not doc'd is being able to pull policies. Need...
See: https://github.com/tektoncd/pipeline/issues/2668
Based on: - https://github.com/gabemontero/opa-tekton-sar-demo Can this be improved/hosted here? i.e.: - pull in creds and certs in a less naive fashion
Customer requested this via a support ticket. Needs a bit of thought around how it might work.
Investigate if it's possible to hookup the data from the below operator to deny images that are bad: - https://operatorhub.io/operator/project-quay-container-security-operator