Gatekeeper Update volume-types to deny
Package Owner Merge Request
Package Changes
- Updated constraint
volume-typesenforcement to default deny - Added exemption for monitoring, logging and twistlock namespace
Links to all MRs that are associated with this change are required.
If the package is set up for releases, also link the package release page for the new tag here.
Additional Details
Closes https://repo1.dso.mil/platform-one/big-bang/apps/core/policy/-/issues/44
Edited by Tunde Oladipupo
Merge request reports
Activity
changed milestone to %1.13.0
added statusreview label
removed statusreview label
added statusdoing label
Resolved by Michael McLeroyall-packages does not currently work. Need to put each individual package as a label on the MR
- Last reply by Michael McLeroy
Mattermost is currently not passing in the pipeline. Locally, getting this error;
Warning FailedCreate 57s (x15 over 2m20s) replicaset-controller Error creating: admission webhook "validation.gatekeeper.sh" denied the request: [allowed-docker-registries] container <init-check-database> has an invalid repository for image <postgres:13>, allowed repos are ["registry1.dso.mil", "registry.dso.mil"]https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/670 should fix it.
mentioned in merge request !696 (merged)
added 14 commits
-
23a63c3f...ae6a0d70 - 12 commits from branch
master - f178a82a - move constraint values to BB
- aaaa19a2 - exempt kube-system
-
23a63c3f...ae6a0d70 - 12 commits from branch
added statusreview label and removed statusdoing label
Please register or sign in to reply