Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
constraints		constraints
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
go.mod		go.mod

Repository files navigation

OPA-Gatekeeper-Demo

These are basic rego rules for demo.
There are more useful rules from opa official: https://github.com/open-policy-agent/gatekeeper-library

Requirements

install OPA-Gatekeeper for your Kubernetes Cluster.
You can reference: https://open-policy-agent.github.io/gatekeeper/website/docs/install

Rules

denyallpod: deny any pods creation
image: accept specific container registry when pod creation
label: accept specific label when namespace creation
pod-security-context: deny root privileged container when pod creation

Run

use kubectl apply -f xxx-rule.yaml
use kubectl apply -f xxx-invalid.yaml to test rules.

About

Integrate OPA-Gatekeeper with Kubernetes to demo powerful rego rules.

Apache-2.0 license

Report repository

Releases

No releases published

Packages

No packages published