magtape
policy-as-code-war
magtape | policy-as-code-war | |
---|---|---|
1 | 3 | |
144 | 61 | |
0.0% | - | |
0.0 | 0.0 | |
8 days ago | over 2 years ago | |
Python | ||
Apache License 2.0 | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
magtape
-
Is it possible to set a per pod min and max request for CPU and memory?
Anyway, just to point out, there is a technical solution for this that you suggested. We are in the process of deploying Magtape which is a policy as code engine based off of OPA. I wasn't even thinking that route, but I'm sure we can write a policy to check requests and make sure they do not cross a certain boundary.
policy-as-code-war
-
First look to OPA(Open Policy Agent) - Beginner Level
I prepared a repository that shows the comparison between Kyverno and Gatekeeper behind the concept called "Policy as Code War" --> https://github.com/developer-guy/policy-as-code-war :)
- Policy as Code War: OPA Gatekeeper vs. Kyverno
- Policy as Code WAR - OPA Gatekeeper vs Kyverno
What are some alternatives?
OPAL - Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...)
checkov - Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
pyngrok - A Python wrapper for ngrok
connaisseur - An admission controller that integrates Container Image Signature Verification into a Kubernetes cluster
awesome-opa - A curated list of OPA related tools, frameworks and articles
dj-stripe - dj-stripe automatically syncs your Stripe Data to your local database as pre-implemented Django Models allowing you to use the Django ORM, in your code, to work with the data making it easier and faster.
konstraint - A policy management tool for interacting with Gatekeeper
FreeIPA - Mirror of FreeIPA, an integrated security information management solution
Kyverno - Kubernetes Native Policy Management
demo-python - Demo of using Cerbos with Python to check access to a holiday request system.
trivy-operator - Kubernetes Operator based on the open-source container vulnerability scanner Trivy.