k-rail
konstraint
k-rail | konstraint | |
---|---|---|
3 | 3 | |
448 | 373 | |
- | -0.8% | |
0.0 | 8.1 | |
over 1 year ago | 8 days ago | |
Go | Go | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
k-rail
- Is OPA Gatekeeper the best solution for writing policies for k8s clusters?
-
Writing a Kubernetes Admission Controller
k-rail
-
Checking Your --privileged Container
k-rail: https://github.com/cruise-automation/k-rail
konstraint
- Is OPA Gatekeeper the best solution for writing policies for k8s clusters?
- OPA Rego is ridiculously confusing - best way to learn it?
-
How would you write policies in .rego file and use them in OPA-Gatekeeper?
The konstraint tool is quite popular for this use case: https://github.com/plexsystems/konstraint
What are some alternatives?
gatekeeper - 🐊 Gatekeeper - Policy Controller for Kubernetes
jspolicy - jsPolicy - Easier & Faster Kubernetes Policies using JavaScript or TypeScript
Kyverno - Kubernetes Native Policy Management
bridgekeeper - Kubernetes policy enforcement using python
datree - Prevent Kubernetes misconfigurations from reaching production (again 😤 )! From code to cloud, Datree provides an E2E policy enforcement solution to run automatic checks for rule violations. See our docs: https://hub.datree.io
docker-security-checker - Dockerfile Security Checker using OPA Rego policies with Conftest
kubeclarity - KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems
policy-as-code-war - OPA Gatekeeper vs Kyverno
sysbox - An open-source, next-generation "runc" that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs.
regal - Regal is a linter for Rego, with the goal of making your Rego magnificent!
kubernetes - Production-Grade Container Scheduling and Management
library - The Open Policy Agent project standard library.