Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove need for --replicate flags #10

Closed
tsandall opened this issue Mar 9, 2018 · 4 comments
Closed

Remove need for --replicate flags #10

tsandall opened this issue Mar 9, 2018 · 4 comments
Labels
enhancement

Comments

@tsandall
Copy link
Member

tsandall commented Mar 9, 2018
edited

The policies should be analyzed to determine which Kubernetes resources to replicate into OPA.

For example, given a policy like:

package kubernetes.admission

import data.kubernetes.resources.namespaces
import data.kubernetes.resources.pods

deny[msg] { ... }

We could establish a convention that Kubernetes data is inserted at a specific path (e.g., kubernetes.resources.) Then the policies could be analyzed to determine which resource kinds are required.
@sandeepbhojwani
Copy link

This will be very cool. Any updates on this?

@tsandall
Copy link
Member Author

There hasn't been any work done on this to date. We'll keep it mind as we prioritize things for the next few months.

@shasti86
Copy link

Do we still need this feature? Does gatekeeper support this already? @tsandall

@tsandall
Copy link
Member Author

@shasti86 it's not implemented in gatekeeper AFAIK. It would be nice to have however it's not a priority.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@tsandall @eshepelyuk @sandeepbhojwani @shasti86