-
### Problem Statement
I would like to write a policy to inject NodeSelectorTerms by default, based on the architectures available for a given image. For example:
```
$ crane manifest nginx | jq '…
-
Provide an example of gatekeeper guarding `workspacesettings` - the specific collection of fields like `securitysettings` or so.
-
Hi, just got into the issue while enabling Reaper due to the reaper deployment not having the resources defined due to our K8S cluster having OPA gatekeeper policy enforcing the requirement.
Behaviou…
-
Hi,
I am interested in using Go to extend Envoy. Envoy TinyGo/WASM would be nice but TinyGo is limited for our purposes.
Cilium proxy however supports extensions in real Go. We don't need BPF.
…
-
**Is your feature request related to a problem? Please describe.**
This feature request is an extention not currently existing
**Describe the solution you'd like**
I would like to be able to export a…
-
**Context**: Running single kubernetes (actually OpenShift) cluster for multiple teams.
**Problem**: A user of one namespace could also assume any role belonging to another team in another namespac…
-
Currently if you write policies in Cilium, you must get your policies correct the first time, otherwise you will start dropping traffic.
Various projects like SELinux have a notion of an "audit" mo…
-
## Goal
| User story |
|:---------------------------------------------------------------------------|
| As a endpoint operator,
| I want to block the end user from logging into third-party tool…
-
**Is your feature request related to a problem? Please describe.**
Currently, cf-for-k8s does not have a contributor strategy or cohesive governance strategy.
**Describe the solution you'd like**
…
-
Some organisations leverage Service Control Policies SCPs (e.g. for cost control) that enforce putting proper tags on your resources. In such scenarios CommandRunner won't be able to create an EC2 ins…