
Deploy Gatekeeper with REGO policies

Open xunholy opened this issue 4 years ago • 3 comments

Details

Deploying Gatekeeper into the cluster with the CIS benchmark policies written in the raspbernetes/k8s-security-policies repository.

xunholy, Oct 16 '20 10:10

Issue-Label Bot is automatically applying the label feature_request to this issue, with a confidence of 0.98. Please mark this comment with :thumbsup: or :thumbsdown: to give our bot feedback!


issue-label-bot[bot], Oct 16 '20 10:10

Various searches have resulted in no results for decent Grafana dashboards that can be leveraged for Gatekeeper; one will need to be created. Key criteria are violations per namespace, with scope to break down per resource or label.

xunholy, Oct 25 '20 09:10

Gatekeeper is deployed and running on version 3.2.0-rc.1; however, constraints are not being applied to the cluster.

https://github.com/plexsystems/konstraint will be quite handy to render the Rego files in the security policies repo.

xunholy, Nov 03 '20 08:11