helm-opa

command module
v0.0.0-...-0fea606 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 7, 2018 License: Apache-2.0 Imports: 16 Imported by: 0

README

Helm OPA Plugin

CircleCI

This plugin enables you to check your rendered templates files again Open Policy Agent policies to ensure that they match your policies.

Usage

Define policies inside the policies folder in your Chart. e.g. Pods must run as nonRoot:

deny[msg] {
  input.kind = "Deployment"
  not input.spec.template.spec.securityContext.runAsNonRoot = true
  msg = "Containers must not run as root"
}

Run the policy check:

# helm opa CHART
Processing file deployment.yaml
Violations:
- Containers must not run as root
Processing file ingress.yaml
Processing file service.yaml
===
Result: Chart is not compliant

Install

$ helm plugin install https://github.com/eicnix/helm-opa

License

Copyright 2018 Lukas Eichler

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.