How is Gatekeeper different from OPA?
Compared to using OPA with its sidecar kube-mgmt (aka Gatekeeper v1.0), Gatekeeper introduces the following functionality:
- An extensible, parameterized policy library
- Native Kubernetes CRDs for instantiating the policy library (aka "constraints")
- Native Kubernetes CRDs for extending the policy library (aka "constraint templates")
- Audit functionality
Check out the installation instructions to deploy Gatekeeper components to your Kubernetes cluster.
Please see the Gatekeeper website for more in-depth information.
See the Gatekeeper policy library for a collection of constraint templates and sample constraints that you can use with Gatekeeper.
Community & Contributing
Please refer to Gatekeeper's contribution guide to find out how you can help.
Code of conduct
This project is governed by the CNCF Code of conduct.
For details on how to report vulnerabilities and security release process, please refer to Gatekeeper Security for more information.