k8s: podsecuritypolicy via OPA

Question

garethahealy opened this issue 4 years ago · 4 comments

Can we OPA'erize:

This would probably need to be tested on vanilla k8s or on OCP with SCCs least enforcing, just to stop them interfering - needs a quick check.

Answer 1 · 2020-11-13T21:43:24.000Z

(just came to like 'OPA'erize' 🙈)

Answer 2 · 2021-04-08T13:25:35.000Z

@truncj ; hey, saw you mentioned you might pick this up on the CoP call agenda. Any progress / luck in getting time?

Answer 3 · 2021-04-08T20:24:54.000Z

@garethahealy yup! took another look at it today and made some progress. I'll push up the changes and ask for some feedback tomorrow.

Answer 4 · 2023-11-14T10:42:13.000Z

stale, didn't get any time/traction.