Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Deploy Gatekeeper with REGO policies #106

Open
xunholy opened this issue Oct 16, 2020 · 3 comments · Fixed by #131
Open

Deploy Gatekeeper with REGO policies #106

xunholy opened this issue Oct 16, 2020 · 3 comments · Fixed by #131
Labels
enhancement New feature or request feature_request good first issue Good for newcomers prio:high high priority

Comments

@xunholy
Copy link
Owner

xunholy commented Oct 16, 2020

Details

Deploying Gatekeeper into the cluster with the CIS benchmark policies written in the raspbernetes/k8s-security-policies repository.
@xunholy xunholy added the enhancement New feature or request label Oct 16, 2020
@issue-label-bot
Copy link

Issue-Label Bot is automatically applying the label feature_request to this issue, with a confidence of 0.98. Please mark this comment with 👍 or 👎 to give our bot feedback!

Links: app homepage, dashboard and code for this bot.

@xunholy xunholy added good first issue Good for newcomers prio:high high priority labels Oct 16, 2020
@xunholy
Copy link
Owner Author

xunholy commented Oct 25, 2020
edited
Loading

Various searches have resulted in no results for decent Grafana dashboards that can be leveraged for Gatekeeper, one will need to be created. Key criteria are violations per namespaces, with scope to breakdown per resource or label.

@xunholy xunholy mentioned this issue Oct 25, 2020
Merged
4 tasks
@xunholy xunholy reopened this Nov 3, 2020
@xunholy
Copy link
Owner Author

xunholy commented Nov 3, 2020
edited
Loading

Gatekeeper is deployed and running on version 3.2.0-rc.1 however, constraints are not being applied to the cluster.

https://github.com/plexsystems/konstraint will be quite handy to render the rego files in the security policies repo

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request feature_request good first issue Good for newcomers prio:high high priority
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Adding gatekeeper version 3.2.0-rc.1 xunholy/k8s-gitops
1 participant
@xunholy