search

datreeio / datree

Prevent Kubernetes misconfigurations from reaching production (again 😀 )! From code to cloud, Datree provides an E2E policy enforcement solution to run automatic checks for rule violations. See our docs: https://hub.datree.io
https://datree.io
Apache License 2.0
6.4k stars 359 forks source link

Disable some of built-in rules? #942

Closed psyhomb closed 1 year ago

psyhomb commented 1 year ago

I would like to disable CONTAINERS_MISSING_IMAGE_VALUE_VERSION rule on the client side, is there an easy way to do it? I'm aware it's possible to enable/disable any of the built-in rules from the UI (server side) but I would like to disable some of these built-in rules on the client side (client configuration file), is that possible? Thanks

❌  Ensure each container image has a pinned (tag) version  [1 occurrence]
    Policy as code identifier: CONTAINERS_MISSING_IMAGE_VALUE_VERSION
    How to fix: https://hub.datree.io/built-in-rules/ensure-image-pinned-version
    - metadata.name: test (kind: Deployment)                                                                                            
      > key: spec.template.spec.containers.0.image (line: 76:16)                                                                                                                                                                                                                            

πŸ’‘  Incorrect value for key `image` - specify an image version to avoid unpleasant "version surprises" in the future
psyhomb commented 1 year ago

Ok I have found a solution, I can use --policy-config flag and pass local policy file with list of rules to run against.