open-policy-agent/gatekeeper-library
📚 The OPA Gatekeeper policy library
Open Policy AgentApache-2.0
Pinned issues
Issues
- 6
K8sPSPHostNetworkingPorts constraint template not handling exemptImages parameter properly
#556 opened by tmyhu - 2
Recent updates to `k8spsphostnetworkingports` & `k8spspprocmount` break functionality
#592 opened by Markieta - 0
Add CEL code for PSP Policies in library
#541 opened by JaydipGabani - 0
- 10
The example of disallowed/allowed ingress resources in the unique ingress host example has incorrect hostnames
#484 opened by WilliamRockwellEvans - 1
Could we include `system:authenticated` in the set of disallowed subjects in k8sdisallowanonymous template?
#561 opened by julianKatz - 7
- 1
- 0
create a new set of tests with vap generation
#574 opened by sozercan - 1
Improve Rego testing for library
#546 opened by JaydipGabani - 3
poddisruptionbudget policy query
#510 opened by part-time-githubber - 4
Should apparmor always view unconfined as complaint?
#475 opened by fseldow - 5
add cel-based policies
#390 opened by sozercan - 4
Example of pod mutation adding init-container
#492 opened by oreillymj - 0
- 1
- 4
- 2
Website generator appears to only retain the final mutation sample per directory
#446 opened by apeabody - 1
Not able to create statefulset without storageclass with policy k8sallowedstorageclas is used
#469 opened by Sarvindhreddy - 4
- 1
automount-serviceaccount-token ConstraintTemplate does not reflect ServiceAccount settings
#462 opened by owwweiha - 2
Example k8scontainerlimits does not throw error for a deployment but does on a plain Pod creation
#499 opened by ujjwal-sophos - 0
Add colon in message for consistency
#489 opened by apeabody - 1
- 2
- 1
Consolidating Kubernetes PSP-related ConstraintTemplates into a Single Template for Streamlined Migration
#441 opened by Ga13Ou - 13
Constraint to block deployment of pods with containers having either `stdin: true` or `tty: true`
#306 opened by tspearconquest - 4
gatekeeper and PSS
#342 opened by caduceus4 - 2
- 2
Refresh the content in Artifact-hub whenever any of the files within the policy are modified
#375 opened by nilekhc - 0
bump mutate assign api version from alpha to v1
#444 opened by fseldow - 0
Docs exclude kind: AdmissionReview
#400 opened by apeabody - 3
Update Privileged Container Policy
#371 opened by michaelm-88 - 10
- 2
Match everything in a constraint
#397 opened by asierraq - 4
- 1
enforcementAction: deny is not respected when creating/changing to an incorrect PDB
#359 opened by christiancarle-bakery - 0
- 0
Migrate require-sync CI to future gatekeeper 3.13 requires-sync-data unmarshal function
#345 opened by apeabody - 1
Extend PodDisruptionPolicy to Include MinAvailable and MaxAvailable Percentages
#343 opened by pallav-G - 1
- 1
[artifact hub] add CNCF and official labels
#316 opened by sozercan - 3
- 2
- 0
fix version check in Artifact Hub generation
#331 opened by nilekhc - 1
enable dependabot
#321 opened by nilekhc - 2
website: automate generation of sidebar
#299 opened by sozercan - 4
- 0
proc-mount rego has potential bug
#311 opened by fseldow - 0
K8sReplicaLimits violation msg has hardcoded kind
#308 opened by apeabody