Issues
- 2
- 2
[Sample] policy to check if the resources of an object are within the upperbound and lowerbound as suggested by vpa recommender
#948 opened by swastik959 - 0
All tested images to be stored in Kyverno org
#1102 opened by chipzoller - 1
- 0
restrict-sysctls: simplify CEL expressions
#1100 opened by JimBugwadia - 0
restrict-seccomp: simplify CEL expressions
#1099 opened by JimBugwadia - 0
disallow-selinux: simplify CEL expressions
#1098 opened by JimBugwadia - 0
disallow-proc-mount: simplify CEL expressions
#1097 opened by JimBugwadia - 0
- 0
disallow-host-process: simplify CEL expressions
#1095 opened by JimBugwadia - 0
disallow-host-ports-range: simplify CEL expressions
#1094 opened by JimBugwadia - 0
disallow-host-ports: simplify CEL expressions
#1093 opened by JimBugwadia - 0
disallow-host-path: simplify CEL expressions
#1092 opened by JimBugwadia - 0
disallow-host-namespaces: simplify CEL expressions
#1091 opened by JimBugwadia - 5
[Enhancement] Update CEL policies to make use of optionals and variables to remove redundant expressions
#1058 opened by Chandan-DK - 0
disallow-capabilities: simplify CEL expressions
#1090 opened by JimBugwadia - 1
[Sample] Mount volumes for ephemeral containers
#1088 opened by realshuting - 0
Block Large Images
#1083 opened by davvyin - 0
- 1
[Enhancement]: Replace enforce/audit (deprecated) with Enforce/Audit on sample policies
#1061 opened by mohamedawnallah - 1
[Enhancement]: Replace enforce/audit (deprecated) with Enforce/Audit on sample policies
#1060 opened by mohamedawnallah - 4
[Bug] Sync Secrets failing to keep secrets in sync
#1056 opened by eitah - 1
Extend chainsaw tests for additional container types
#1012 opened by JimBugwadia - 2
- 2
- 0
- 0
Question: exclusions to PodSecurity sub-rule
#1040 opened by sachintiptur - 1
[Bug] Generate rule on pod creation triggers twice
#1034 opened by marevers - 4
PolicyException for a pod with multiple violations
#1017 opened by erkerb4 - 5
[Sample] Best Practices for PDBs
#969 opened by JimBugwadia - 1
[Chainsaw Tests] Test generated VAPs of pod security cel policies with Chainsaw
#1003 opened by Chandan-DK - 0
Block Stale Images
#986 opened by challakiran334 - 7
- 2
[Chainsaw tests] Write test for cleanup empty replica sets sample policy
#952 opened by jannisrelakis - 2
- 1
- 2
Error from server: error when creating "allowed_container.yaml": admission webhook "validate.kyverno.svc-fail" denied the request:
#979 opened by amentee - 0
- 0
[Bug] Variable `image` is not accessible in `spec.rules.verifyImages.repository` field
#962 opened by angapov - 4
- 3
Prepend Image Registry policy should not apply on `UPDATE` for `initContainers`
#954 opened by ShaylanDias - 0
- 1
- 3
- 3
[Need help] prevent-bare-pod custom to bypass node-shell(nsenter) pod in use node-shell command
#941 opened by younsl - 2
- 0
- 6
Require imagePullPolicy Always
#938 opened by Kellen275 - 9
[Sample] Different forms of hosts in ingresses
#924 opened by RelativeSure - 1
ingressClassName update not working
#917 opened by clcc2019