Skip to content

open-policy-agent/gatekeeper

master
Switch branches/tags
Code

Latest commit

* add EnforcementAction field to ExpansionTemplate CRD

Signed-off-by: davis-haba <davishaba@google.com>

* tests for expansion enforcement action override

Signed-off-by: davis-haba <davishaba@google.com>

* business logic for enforcementAction override, e2e tests

Signed-off-by: davis-haba <davishaba@google.com>

* cleanup mutations before expansion e2e test

Signed-off-by: davis-haba <davishaba@google.com>

Signed-off-by: davis-haba <davishaba@google.com>
Co-authored-by: Rita Zhang <rita.z.zhang@gmail.com>
512d97e

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time

Gatekeeper

How is Gatekeeper different from OPA?

Compared to using OPA with its sidecar kube-mgmt (aka Gatekeeper v1.0), Gatekeeper introduces the following functionality:

  • An extensible, parameterized policy library
  • Native Kubernetes CRDs for instantiating the policy library (aka "constraints")
  • Native Kubernetes CRDs for extending the policy library (aka "constraint templates")
  • Audit functionality

Getting started

Check out the installation instructions to deploy Gatekeeper components to your Kubernetes cluster.

Documentation

Please see the Gatekeeper website for more in-depth information.

Policy Library

See the Gatekeeper policy library for a collection of constraint templates and sample constraints that you can use with Gatekeeper.

Community & Contributing

Please refer to Gatekeeper's contribution guide to find out how you can help.

Code of conduct

This project is governed by the CNCF Code of conduct.

Security

For details on how to report vulnerabilities and security release process, please refer to Gatekeeper Security for more information.