issues
search
XenitAB
/
gatekeeper-library
Collection of OPA Gatekeeper policies that can be used in your Kubernetes cluster.
MIT License
14
stars
7
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Update dependencies
#97
phillebaba
closed
1 year ago
0
Fix modifySet
#96
NissesSenap
closed
1 year ago
0
Disable a deployment from being able to update it's service account using noupdateserviceaccount
#95
NissesSenap
opened
1 year ago
0
modifySet helm chart
#94
NissesSenap
closed
1 year ago
0
Add modifyset for removing Azure spot taint
#93
jimgus
closed
1 year ago
0
Update github actions
#92
NissesSenap
closed
1 year ago
0
Update to latest upstream lib
#91
NissesSenap
closed
1 year ago
0
Review k8s pod-security-standards to match library
#90
NissesSenap
opened
1 year ago
4
Change xenit k8s psp rule to lowerCase
#89
NissesSenap
closed
1 year ago
0
k8s psp readonly rootfilesystem xenit remove ephemeral
#88
NissesSenap
closed
1 year ago
0
Update OPA-, kind and disable psp
#87
NissesSenap
closed
1 year ago
0
Add mutation for ephemeral containers
#86
NissesSenap
closed
1 year ago
3
ephemeralContainer mutatingwebhooks
#85
NissesSenap
closed
1 year ago
1
k8s 1.23 kubectl debug only allow single type of image
#84
NissesSenap
opened
2 years ago
0
Update gatekeeper-lib to support k8s 1.23 checks
#83
NissesSenap
closed
2 years ago
1
Update github action versions
#82
phillebaba
closed
2 years ago
0
Latest gatekeeper lib with ephemeral containers and removal of duplicate lib
#81
NissesSenap
closed
2 years ago
0
Update submodule
#80
phillebaba
closed
2 years ago
0
HPA minReplicas vs PDB minAvailable check
#79
NissesSenap
opened
2 years ago
0
Review gatekeepr-libary rules vs upstream
#78
NissesSenap
opened
2 years ago
0
disable rolebinding to default service account
#77
NissesSenap
opened
2 years ago
0
Update name to match ingress class instead of pod class
#76
NissesSenap
closed
2 years ago
1
Update kubectl image used in post upgrade hook
#75
phillebaba
closed
2 years ago
0
Pod disallow service account token by default
#74
NissesSenap
closed
2 years ago
1
Update init-container-capabilities assign name
#73
NissesSenap
closed
2 years ago
0
Update submodule to latest version
#72
NissesSenap
closed
2 years ago
0
Update name init-container-capabilities to init-container-drop-capabilities
#71
NissesSenap
closed
2 years ago
0
Add rule to require ingress class name
#70
phillebaba
closed
2 years ago
1
Ephemeral containers security enforcement
#69
phillebaba
closed
2 years ago
0
Add seccomp RuntimeDefault
#68
NissesSenap
closed
2 years ago
1
Not only drop NET_RAW but also CAP_SYS_ADMIN
#67
NissesSenap
closed
2 years ago
1
Update upstream to latest changes
#66
NissesSenap
closed
2 years ago
0
Add pathTests to container-drop-net-raw
#65
NissesSenap
opened
2 years ago
0
Drop CAP_SYS_ADMIN through mutating webhook and add a default seccomp profile
#64
NissesSenap
closed
2 years ago
4
set seccompProfile to RuntimeDefault unless defined
#63
NissesSenap
closed
2 years ago
0
Drop capabilities CAP_SYS_ADMIN or all by default
#62
NissesSenap
closed
2 years ago
4
Update CRD versions
#61
phillebaba
closed
2 years ago
0
Switch to gator CLI for testing
#60
phillebaba
opened
2 years ago
1
Update external library
#59
phillebaba
closed
2 years ago
0
Set Helm chart version at publish
#58
jimgus
closed
2 years ago
0
Update helm chart
#57
jimgus
closed
2 years ago
0
Update submodule
#56
jimgus
closed
2 years ago
0
Add assigns for init containers
#55
jimgus
closed
2 years ago
1
Update major version of yq in Makefile
#54
marulkan
closed
2 years ago
4
Version 4.X of yq can't be used for "make generate"
#53
marulkan
closed
2 years ago
1
Revert "Update generated files to latest version"
#52
NissesSenap
closed
2 years ago
0
Add helm chart labels to config
#51
NissesSenap
closed
2 years ago
0
Update gatekeeper-libary to latest release
#50
NissesSenap
closed
2 years ago
0
[Feature] mutations for init containers
#49
NissesSenap
closed
2 years ago
1
drop-net-raw don't understand ALL
#48
NissesSenap
closed
2 years ago
1
Next