KPR validates multiple kubernetes manifests.
-
Updated
Jul 21, 2020 - Open Policy Agent
The Open Policy Agent (OPA, pronounced “oh-pa”) is an open source, general-purpose policy engine that unifies policy enforcement across the stack. OPA provides a high-level declarative language that lets you specify policy as code and simple APIs to offload policy decision-making from your software. You can use OPA to enforce policies in microservices, Kubernetes, CI/CD pipelines, API gateways, and more.
What is OPA
KPR validates multiple kubernetes manifests.
A demo showcasing some examples of Test-Driven Development (TDD) for Infrastructure
A simple example showing how to restrict a custom HTTP API using the Open Policy Agent.
Check K8s yaml-files and helm-charts with rego policies
A collection of various Rego utility functions
A tool to visualize policies written in Rego and their evaluation process.
Silly little example how you could delegate policy decisions to ChatGPT.
Lab tuning Rego evaluation time from 17 seconds to 1 second
Keycloak + OpenID Connect + JWT + Open Policy Agent (DEMO)
OPA rules for the Please build system
A webserver that happens to host OPA server
Ansible role to install Open Policy Agent
Audit Logging for OPA Decision Logs
Why and how would you unit test your Infrastructure-as-Code and other configuration files
An easy way to generate Gatekeeper contraintTemplates from Rego files.
Examples for validation using Policy Language Rego
Automated manifest file validation mechanism using Open Policy Agent and GitHub Actions
Backend for packaging OPA policy and data files into bundles
OPA GitHub Pull Request Review Bot.