-
The controllers started by Gatekeeper contain a shared state that is used and mutated in a
non-thread-safe manner. As a result, different controllers race between each other and
may clobber the data…
-
The policy-library repo was [recently updated](https://github.com/forseti-security/policy-library/pull/279) to use opa v0.17.2 (from v0.16.0).
Config Validator will also need to be updated to use …
-
## In what area(s)?
/area test-and-release
## Describe the feature
To catch things like: https://github.com/knative/serving/pull/3237#issuecomment-504640189
cc @yu2003w
-
**What kind of request is this (question/bug/enhancement/feature request):**
Bug
**Steps to reproduce (least amount of steps as possible):**
1. Create a cluster, go to dashboard.
2. Enable O…
-
**What would you like to be added**:
The ability to express that my application need guarantees about the TLS validation
**Why is this needed**:
As an application owner, I have made commitme…
-
Hi,
I would like to use the Gatekeeper project with it's constraint framework approach.
But I would like to have the ability to test my defined constraints againt local files.
With plain Rego …
-
By default gatekeeper resets the cache of synced data whenever the list of watched resources changes.
This is not the case when the list of constraint kinds to watch changes.
This means that any…
-
# Workload Types
Within each type, you have the ability to specify a pod template, which has the same components for all workload types. Either metadata or the pod spec itself. The pod template is …
-
I've been trying to integrate OPA with k8s and looking at the constraint framework, it would be really great to have gatekeeper part of the authorization stage as well. Given that gatekeeper already …
-
We would like to offer structured feedback to users when linting/validating KRM objects that are getting transformed as part of a `kpt fn` pipeline. This feedback would originate from existing `kpt` …