-
We need docs that explain how people can extend Gatekeeper with their own templates. For example, we need to explain:
* Deny rule semantics
* The structure of the input document
* How to use JSON…
-
### Background
The `lib_exempt_container.rego` file is replicated in many different locations.
1. [general/containerlimits](https://github.com/open-policy-agent/gatekeeper-library/blob/master/src/…
-
OK, the question isn't the greatest 😬 - I'll try to explain a bit more:
We have a separate set of "build" nodes for CI/CD, but this could be applied to any scenario where you have a separate set of…
-
**Software version numbers**
Client Version: v1.25.4
Kustomize Version: v4.5.7
Server Version: v1.25.4
**Describe the bug**
Installing 'k-rail' helm chart fails with below error:
helm install …
-
Add a configurable webhook to call when violations are enforced.
It should have a configurable endpoint, method, and body that can be templated via the [go template format](https://golang.org/pkg/t…
-
Add a mutation policy to make `terminationMessagePolicy: FallbackToLogsOnError` default for containers. This will help users determine why a container exited when looking at their logs.
-
I think we should control input from the user (enforcement by default, and let admin to do no control)
In user mode there is no need to implement some control because api only use user privilege.
…
-
**Rancher Server Setup**
- Rancher version: 2.6.7
- Installation option (Docker install/Helm Chart): Helm
- If Helm Chart, Kubernetes Cluster and version (RKE1, RKE2, k3s, EKS, etc): EKS 1.23
-…
-
opa seems to support webassembly ... it would be awesome if a policy could we a webassembly blob
https://youtu.be/two3TzF9mVY?list=WL&t=1185
I wanted to hear your thoughts on how hard that would be …
-
# Summary
What change needs making?
There is a [workflow default](https://argo-workflows.readthedocs.io/en/latest/default-workflow-specs/), but not one for crons.
## Use Cases
When would…