Open AndresPinerosZen opened 8 months ago
FabianKramm
commented
8 months ago Thanks for the issue @AndresPinerosZen! Yeah thats a good idea, we are currently pretty short staffed on JsPolicy, so if somebody wants to create a couple of common rules, we would be more than happy to merge that PR!
epasham
commented
4 months ago Can we create a Policy-Library directory place holder for storing the examples. we will build the rules for all the examples from OPA library so that people have choice to chose between jspolicy and other policy management tools
epasham
commented
4 months ago I have picked up below 10 references from OPA library, we will convert them jspolicy compatible and then will check into the repo BlockNodePort Service Type BlockLoadBalancer Service Type AllowedRepos DisAllowedRepos DisAllowedTags ReplicaLimits RequiredLabels RequiredAnnotations RequiredProbes AllowedStorageClass
epasham
commented
4 months ago Added policy libray and included below samples BlockNodePort Service Type BlockLoadBalancer Service Type AllowedRepos
Submitted the pull request. please review and merge it. will be adding more samples from the list above
It would be nice if instead of having an "examples" folder there was a folder with actual implementation of the common rules that competitors already have. Things like "Don't allow the latest tag in any PodTemplate/JobTemplate (Deployment, Job, CronJob, Statefulset...) container image".
Having a library of rules for commonly used policies is an incentive for people to adopt the project.
This would also help people compare the difficulty of writing policies in Rego vs JSPolicy. Having a mapping between common OPA policies and their JSPolicy counterpart would help to demonstrate the "Easier & Faster policies" point.