Skip to content

Kubewarden is a policy engine for Kubernetes. It helps with keeping your Kubernetes clusters secure πŸ” and compliant βœ”οΈ

Kubewarden policies can be written using regular programming languages or Domain Specific Languages (DSL).

Policies are compiled into WebAssembly modules that are then distributed using traditional container registries.

If you want more information about the organization of the project, please check the community repository.

Getting Started πŸ“š

Take a look at our documentation πŸ“– Stay up to date by reading our official blog πŸ“£ and by following us on Twitter.

Get in touch with us on Slack: join the kubewarden channel hosted by the official Kubernetes workspace πŸ‘¨β€πŸ’» πŸ’¬ πŸ‘©β€πŸ’»

Enforcing Policies πŸ”’

Discover ready to use policies by visiting ArtifactHub πŸ“¦

Don't forget to take a look at kwctl, our handy multi-purpose tool for managing policies πŸ› οΈ 🧰

Writing policies πŸ“

Interested in writing a new policy?

  1. Checkout the step-by-step tutorials inside of our documentation πŸ“–
  2. Add kwctl to your toolbox πŸ› οΈ 🧰
  3. Pick one of the languages from below
Language Project Template SDK Validation Mutation Maturity
Rust :octocat: :octocat: βœ”οΈ βœ”οΈ πŸ”
Go (TinyGo) :octocat: :octocat: βœ”οΈ βœ”οΈ ↗️
Swift :octocat: :octocat: βœ”οΈ βœ”οΈ ↗️
Rego - Open Policy Agent :octocat: Rego built-ins βœ”οΈ ❌ πŸ”
Rego - Gatekeeper :octocat: Rego built-ins βœ”οΈ ❌ πŸ”
DotNet ❌ :octocat: βœ”οΈ βœ”οΈ ↗️

Can't find your favorite language? πŸ” Reach out to us and let's have a chat!

Useful GitHub tags :octocat: 🏷️

Use these tags to find repositories over all GitHub πŸ—ΊοΈ 🌌

Purpose Tag
Policy Template kubewarden-policy-template
Policy kubewarden-policy

Contributing πŸ™Œ

That's fantastic news! πŸ₯³

Other than our policy templates, policy SDKs and policies, we have the following "core" projects:

Project Scope Language
kubewarden-controller Kubernetes integration point Go
policy-server Run Kubewarden policies Rust
kwctl Kubewarden policy multi-purpose cli tool Rust

Pinned

  1. kwctl kwctl Public

    Go-to CLI tool for Kubewarden users

    Rust 70 15

  2. policy-server policy-server Public

    Webhook server that evaluates WebAssembly policies to validate Kubernetes requests

    Rust 131 16

  3. kubewarden-controller kubewarden-controller Public

    Manage admission policies in your Kubernetes cluster with ease

    Go 177 28

  4. rust-policy-template rust-policy-template Public

    A Kubewarden rust policy template to be used with cargo-generate

    Rust 7 6

  5. go-policy-template go-policy-template Public template

    A template repository to quickly scaffold a Kubewarden policy written with Go language

    Go 9 14

  6. swift-policy-template swift-policy-template Public template

    A template repository to quickly scaffold a Kubewarden policy written with Swift language

    Swift 1 1

Repositories

Showing 10 of 94 repositories