Policy to deny pod running with high vulnerabilities
garethahealy opened this issue · 2 comments
garethahealy commented
Investigate if it's possible to hookup the data from the below operator to deny images that are bad:
garethahealy commented
@sabre1041 ; do you know if there is anything already in the quay ecosystem that would do this already?
garethahealy commented
can be solved by RHACS (https://www.redhat.com/en/technologies/cloud-computing/openshift/advanced-cluster-security-kubernetes) or another admission controller (https://kyverno.io/policies/other/rec-req/require-vulnerability-scan/require-vulnerability-scan/)