Generally, design docs are on Google docs:
- Namespace-Scoped Constraints
- Sync Resource
- External Data Response Cache
- Export violations using pub-sub
- Gator SyncSet Support
- Gatekeeper V3 Accepted Design
- Dynamic Watch Design for OPA/Gatekeeper
- Architecture Diagram
- Audit Design Doc
- Dry-Run Design Doc
- Constraint Framework Client Interface
- Logging Design Doc
- Namespace Exclusion Design doc
- Metrics Design Issue
- Gatekeeper v1beta1 CRD Deprecation
- Compiler Sharding Design
- Template e2e Testing Design
- ByPod Status Design
- Mutation Design - 4th Edition (current approach)
- External Data
- gator validate
- External Data TLS Support
- See milestones
These docs may not be design docs in themselves, but seek to influence design decisions
- Mutation Convergence Proof
- This looks at the elements of mutation that allow us to assert that any combination of mutators should converge and should serve as a guide when considering changes in behavior to mutation.
- Mutation Dynamics
- A dissection of the mutation problem space, attempting to break down the salient behavioral elements and figure out what's needed for a user-friendly set of mutation primitives.
- Mutation Transience
- Looking at how a mutation webhook may behave during configuration changes and discussing what that might mean in terms of necessary status fields and best practices for writing mutators.
- Finalizers in OPA Gatekeeper
- This doc discusses the impact the existence of finalizers has on running OPA Gatekeeper. Its points have either been addressed or are on track to being addressed.