gatekeeper

command module

v3.15.1 Latest Latest Go to latest Published: Mar 12, 2024 License: Apache-2.0 Imports: 59 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/open-policy-agent/gatekeeper

Links

Open Source Insights

README ¶

Gatekeeper

How is Gatekeeper different from OPA?

Compared to using OPA with its sidecar kube-mgmt (aka Gatekeeper v1.0), Gatekeeper introduces the following functionality:

An extensible, parameterized policy library
Native Kubernetes CRDs for instantiating the policy library (aka "constraints")
Native Kubernetes CRDs for extending the policy library (aka "constraint templates")
Native Kubernetes CRDs for mutation support
Audit functionality
External data support

Getting started

Check out the installation instructions to deploy Gatekeeper components to your Kubernetes cluster.

Documentation

Please see the Gatekeeper website for more in-depth information.

Policy Library

See the Gatekeeper policy library for a collection of constraint templates and sample constraints that you can use with Gatekeeper.

Community & Contributing

Please refer to Gatekeeper's contribution guide to find out how you can help.

Code of conduct

This project is governed by the CNCF Code of conduct.

Security

For details on how to report vulnerabilities and security release process, please refer to Gatekeeper Security for more information.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
apis Package apis contains Kubernetes API groups.	Package apis contains Kubernetes API groups.
config/v1alpha1 Package v1alpha1 contains API Schema definitions for the config v1alpha1 API group +kubebuilder:object:generate=true +groupName=config.gatekeeper.sh	Package v1alpha1 contains API Schema definitions for the config v1alpha1 API group +kubebuilder:object:generate=true +groupName=config.gatekeeper.sh
expansion/unversioned Package unversioned contains the internal representation of expansion objects	Package unversioned contains the internal representation of expansion objects
expansion/v1alpha1 +k8s:conversion-gen=github.com/open-policy-agent/gatekeeper/v3/apis/expansion/unversioned -external-types=github.com/open-policy-agent/gatekeeper/v3/apis/expansion/v1alpha1	+k8s:conversion-gen=github.com/open-policy-agent/gatekeeper/v3/apis/expansion/unversioned -external-types=github.com/open-policy-agent/gatekeeper/v3/apis/expansion/v1alpha1
expansion/v1beta1 +k8s:conversion-gen=github.com/open-policy-agent/gatekeeper/v3/apis/expansion/unversioned -external-types=github.com/open-policy-agent/gatekeeper/v3/apis/expansion/v1beta1	+k8s:conversion-gen=github.com/open-policy-agent/gatekeeper/v3/apis/expansion/unversioned -external-types=github.com/open-policy-agent/gatekeeper/v3/apis/expansion/v1beta1
mutations/unversioned Package unversioned contains the internal representation of mutator objects	Package unversioned contains the internal representation of mutator objects
mutations/v1 +k8s:conversion-gen=github.com/open-policy-agent/gatekeeper/v3/apis/mutations/unversioned -external-types=github.com/open-policy-agent/gatekeeper/v3/apis/mutations/v1beta1	+k8s:conversion-gen=github.com/open-policy-agent/gatekeeper/v3/apis/mutations/unversioned -external-types=github.com/open-policy-agent/gatekeeper/v3/apis/mutations/v1beta1
mutations/v1alpha1 +k8s:conversion-gen=github.com/open-policy-agent/gatekeeper/v3/apis/mutations/unversioned -external-types=github.com/open-policy-agent/gatekeeper/v3/apis/mutations/v1alpha1	+k8s:conversion-gen=github.com/open-policy-agent/gatekeeper/v3/apis/mutations/unversioned -external-types=github.com/open-policy-agent/gatekeeper/v3/apis/mutations/v1alpha1
mutations/v1beta1 +k8s:conversion-gen=github.com/open-policy-agent/gatekeeper/v3/apis/mutations/unversioned -external-types=github.com/open-policy-agent/gatekeeper/v3/apis/mutations/v1beta1	+k8s:conversion-gen=github.com/open-policy-agent/gatekeeper/v3/apis/mutations/unversioned -external-types=github.com/open-policy-agent/gatekeeper/v3/apis/mutations/v1beta1
status/v1beta1 Package v1beta1 contains API Schema definitions for the status v1beta1 API group +kubebuilder:object:generate=true +groupName=status.gatekeeper.sh	Package v1beta1 contains API Schema definitions for the status v1beta1 API group +kubebuilder:object:generate=true +groupName=status.gatekeeper.sh
syncset/v1alpha1 Package v1alpha1 contains API Schema definitions for the SyncSet v1alpha1 API group +kubebuilder:object:generate=true +groupName=syncset.gatekeeper.sh	Package v1alpha1 contains API Schema definitions for the SyncSet v1alpha1 API group +kubebuilder:object:generate=true +groupName=syncset.gatekeeper.sh
cmd
build/helmify
gator
gator/expand
gator/test
gator/util
gator/verify
pkg
audit
cachemanager
cachemanager/aggregator
cachemanager/parser
controller
controller/config
controller/config/process
controller/constraint
controller/constraintstatus
controller/constrainttemplate
controller/constrainttemplatestatus
controller/expansion
controller/expansionstatus
controller/externaldata
controller/mutators
controller/mutators/core
controller/mutators/instances
controller/mutatorstatus
controller/pubsub
controller/sync
controller/syncset
expansion
expansion/fixtures
externaldata
fakes Package fakes defines methods for instantiating objects which act like resources on a Kubernetes cluster, but are not intended to actually be instantiated on a real, production cluster.	Package fakes defines methods for instantiating objects which act like resources on a Kubernetes cluster, but are not intended to actually be instantiated on a real, production cluster.
gator
gator/expand
gator/fixtures fixtures package contains commonly used ConstraintTemplates, Constraints, Objects and other k8s resources mostly used for testing.	fixtures package contains commonly used ConstraintTemplates, Constraints, Objects and other k8s resources mostly used for testing.
gator/reader
gator/test
gator/verify
instrumentation
keys
logging
metrics
metrics/exporters/common
metrics/exporters/opentelemetry
metrics/exporters/prometheus
metrics/exporters/stackdriver
metrics/exporters/view
metrics/registry Package registry provides a dynamic registry of available exporters.	Package registry provides a dynamic registry of available exporters.
mutation
mutation/match +kubebuilder:object:generate=true +groupName=match.gatekeeper.sh	+kubebuilder:object:generate=true +groupName=match.gatekeeper.sh
mutation/mutators
mutation/mutators/assign
mutation/mutators/assignimage
mutation/mutators/assignmeta
mutation/mutators/core
mutation/mutators/modifyset
mutation/mutators/testhelpers
mutation/path/parser Package parser provides a parser for a path specification language used in expressing Kubernetes object paths.	Package parser provides a parser for a path specification language used in expressing Kubernetes object paths.
mutation/path/tester
mutation/path/token
mutation/schema
mutation/types
oci
operations
pubsub
pubsub/connection
pubsub/dapr
pubsub/provider
readiness
readiness/pruner
syncutil
target
upgrade
util
version
watch
webhook
wildcard
test
clients
externaldata/dummy-provider
metrics
pubsub/fake-subscriber
testutils

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL