implement - bbctl get violations <pkg>
Note: gatekeeper will likely be replaced by kyverno. So don't spend too much time on this for the MVP.
Activity
@michaelmcleroy - add the relevant kubectl commands (above in the description) to get the gatekeeper violations
Edited by kevin.wilderadded bbctl label
added teamXForce label
Here is the command I use to get violations from opa gatekeeper:
kubectl get constraints -o json | jq '.items[] | { "Name" : .metadata.annotations."constraints.gatekeeper/name", "Kind" : .kind, "Description" : .metadata.annotations."constraints.gatekeeper/description", "Version" : .metadata.labels."app.kubernetes.io/version", "Parameters": .spec.parameters, "Source" : .metadata.annotations."constraints.gatekeeper/source", "Docs" : .metadata.annotations."constraints.gatekeeper/docs", "Related" : .metadata.annotations."constraints.gatekeeper/related", "TotalViolations" : .status.totalViolations, "Violations" : .status.violations } | with_entries( select( .value != null ) )' > gatekeeper-report.jsonYou can get recent denies by using
kubectl get eventsassigned to @sameerbhatia
added ~2281 statusdoing labels
created merge request !7 (closed) to address this issue
mentioned in merge request !7 (closed)
changed milestone to %1.21.0
changed iteration to Big Bang Iterations Nov 16, 2021 - Nov 29, 2021
changed milestone to %1.22.0
added priority5 label
changed iteration to Big Bang Iterations Nov 30, 2021 - Dec 13, 2021
changed milestone to %1.23.0
changed milestone to %1.24.0
changed iteration to Big Bang Iterations Dec 14, 2021 - Dec 27, 2021
mentioned in merge request !11 (merged)
mentioned in commit b2426c3f
closed with merge request !11 (merged)
removed ~2281 statusdoing labels