Gatekeeper

How is Gatekeeper different from OPA?

Compared to using OPA with its sidecar kube-mgmt (aka Gatekeeper v1.0), Gatekeeper introduces the following functionality:

An extensible, parameterized policy library
Native Kubernetes CRDs for instantiating the policy library (aka "constraints")
Native Kubernetes CRDs for extending the policy library (aka "constraint templates")
Native Kubernetes CRDs for mutation support
Audit functionality
External data support

Getting started

Check out the installation instructions to deploy Gatekeeper components to your Kubernetes cluster.

Documentation

Please see the Gatekeeper website for more in-depth information.

Policy Library

See the Gatekeeper policy library for a collection of constraint templates and sample constraints that you can use with Gatekeeper.

Community & Contributing

Please refer to Gatekeeper's contribution guide to find out how you can help.

Code of conduct

This project is governed by the CNCF Code of conduct.

Security

For details on how to report vulnerabilities and security release process, please refer to Gatekeeper Security for more information.

Name	Name	Last commit message	Last commit date
Latest commit JaydipGabani chore: adding helm variable for mutating subresources (#3916 ) Apr 21, 2025 990586a · Apr 21, 2025 History 1,797 Commits
.github	.github	chore: bump codecov/codecov-action from 5.4.0 to 5.4.2 in the all gro…	Apr 21, 2025
apis	apis	chore: adding enforcement point status, vapgeneratestatus (#3686 )	Nov 21, 2024
build	build	chore: bump golang from `75e6700` to `00eccd4` in /build/tooling (#3910 )	Apr 14, 2025
charts/gatekeeper	charts/gatekeeper	chore: Prepare v3.20.0-beta.0 release (#3904 )	Apr 9, 2025
cmd	cmd	chore: adding helm variable for mutating subresources (#3916 )	Apr 21, 2025
config	config	chore: Add `pods/resize` subresource to mutating and validating webho…	Apr 15, 2025
demo	demo	docs: Use markdown emphasize-syntax in demo documentation (#3786 )	Jan 17, 2025
deploy	deploy	chore: Prepare v3.20.0-beta.0 release (#3904 )	Apr 9, 2025
deprecated	deprecated	Update to admissionregistration.k8s.io/v1 (#1250 )	May 6, 2021
docs	docs	docs: Update milestone release cadence (#3657 )	Oct 22, 2024
example	example	Move examples and docs to apiVersion: templates.gatekeeper.sh/v1 (#1926 )	Mar 22, 2022
hack	hack	Migrate to using kubebuilder. (#41 )	Feb 1, 2019
library	library	Remove library files and link to new library repo in README (#815 )	Sep 12, 2020
manifest_staging	manifest_staging	chore: adding helm variable for mutating subresources (#3916 )	Apr 21, 2025
pkg	pkg	feat: mapping dryrun to audit in vapb (#3915 )	Apr 21, 2025
test	test	feat: mapping dryrun to audit in vapb (#3915 )	Apr 21, 2025
third_party	third_party	ci: fix license lint (#3279 )	Feb 22, 2024
vendor	vendor	chore: bump golang.org/x/net from 0.37.0 to 0.38.0 (#3920 )	Apr 17, 2025
website	website	chore: bump http-proxy-middleware from 2.0.7 to 2.0.9 in /website (#3922	Apr 21, 2025
.dockerignore	.dockerignore	Add prefix-based matching for namespaces and excludedNamespaces (#1404 )	Jul 12, 2021
.gitattributes	.gitattributes	Ensure .sh files retain LF when checked out on Windows. (#55 )	Jul 2, 2019
.gitignore	.gitignore	feat: Adding pubsub interface (#2538 )	May 25, 2023
.golangci.yaml	.golangci.yaml	chore: update opa v1 with v0 rego compat (#3798 )	Feb 6, 2025
.trivyignore	.trivyignore	ci: bump trivy version (#2737 )	May 4, 2023
CODE_OF_CONDUCT.md	CODE_OF_CONDUCT.md	Clean up README for the CNCF contribution (#39 )	Jan 9, 2019
CONTRIBUTING.md	CONTRIBUTING.md	docs: add contributing guide (#1945 )	Apr 1, 2022
Dockerfile	Dockerfile	chore: bump golang from `75e6700` to `00eccd4` (#3911 )	Apr 14, 2025
LICENSE	LICENSE	Updating the LICENSE to Apache v2 (#33 )	Jan 8, 2019
Makefile	Makefile	chore: Prepare v3.20.0-beta.0 release (#3904 )	Apr 9, 2025
NOTICE	NOTICE	Implement dynamic watch manager responsible for event dispatch to wat…	Mar 20, 2020
PROJECT	PROJECT	Mutation Objects (#916 )	Nov 11, 2020
README.md	README.md	docs: update opa version in readme (#3330 )	Mar 26, 2024
SECURITY.md	SECURITY.md	docs: add contributing guide (#1945 )	Apr 1, 2022
SECURITY_AUDIT.pdf	SECURITY_AUDIT.pdf	Add report from latest security audit	Mar 31, 2020
Tiltfile	Tiltfile	ci: bump to go 1.23 in gha (#3699 )	Nov 15, 2024
_typos.toml	_typos.toml	ci: gha to check for typos in docs (#3703 )	Nov 18, 2024
crd.Dockerfile	crd.Dockerfile	chore: bump kubectl from v1.32.2 to v1.32.3 (#3890 )	Mar 31, 2025
gator.Dockerfile	gator.Dockerfile	chore: bump golang from `75e6700` to `00eccd4` (#3911 )	Apr 14, 2025
go.mod	go.mod	chore: bump golang.org/x/net from 0.37.0 to 0.38.0 (#3920 )	Apr 17, 2025
go.sum	go.sum	chore: bump golang.org/x/net from 0.37.0 to 0.38.0 (#3920 )	Apr 17, 2025
helm_migrate.sh	helm_migrate.sh	feat: deprecate Helm 2 (#1179 )	Apr 7, 2021
main.go	main.go	chore: updating pubsub system (#3646 )	Feb 12, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Gatekeeper

How is Gatekeeper different from OPA?

Getting started

Documentation

Policy Library

Community & Contributing

Code of conduct

Security

About

Releases 119

Packages 5

Used by 109

Contributors 228

Languages

License

open-policy-agent/gatekeeper

Folders and files

Latest commit

History

Repository files navigation

Gatekeeper

How is Gatekeeper different from OPA?

Getting started

Documentation

Policy Library

Community & Contributing

Code of conduct

Security

About

Topics

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Releases 119

Packages 5

Used by 109

Contributors 228

Languages