Rita Zhang
Rita Zhang
> Sorry for the delay. We can cut a new release. @ritazh @maxsmythe any objections? sgtm
xpost https://github.com/kubernetes/kubernetes/issues/121454 and https://github.com/kubernetes/sig-security/issues/116 would be good to continue the discussions there as we hash out details for next steps.
Folks, are there specific rego v1 features you need for your policies or is rego v0 sufficient?
Thanks @anderseknert! Yes a PR would be great. The concern is having to support both rego v0 and v1 adds complexity in the code, user experience, and maintenance/support. We want...
Reopening this since there is still interests. @etiennegrignon-intuit and others, would start audit immediately (immediately being defined as "as soon as all policy is loaded") after audit is deployed meet...
> [@ritazh](https://github.com/ritazh) Yes an audit on startup would be good. Issue shows as completed. Is the audit running immediately already a feature in place? Not implemented, stale bot closed it....
hostNetwork violation does not check for exemptImages. https://github.com/open-policy-agent/gatekeeper-library/blob/9a19184da1b65115b9b3bd939ed48590aaefb984/library/pod-security-policy/host-network-ports/template.yaml#L101-L104
> So are you saying this is intentional since the CEL version is now being updated to behave the same? It would sure be useful to define exceptions for hostNetwork...
@maxsmythe does this PR LGTY? we need this PR to merge first so go.mod in https://github.com/open-policy-agent/gatekeeper/pull/3570 can point to the latest commit