This image was taken from the k8s docs
Introduction
In this article, we will explore how webhooks work in Kubernetes and, more specifically, about the ImagePolicyWebhook. The Kubernetes documentation about it is kind of vague, since there is no real example or implementation that you can get out of it, so here, we will break it down to the different alternatives. In a real-world scenario, I would prefer to rely on OPA Gatekeeper, but I’m planning to make this trip worth it by adding a database and making the webhook allow or disallow images based on a vulnerability scan — for example, allow only medium or lower vulnerabilities in your containers — but that will be a post for another day. If you are interested, you can help in this repo. For more information in general, see here.
from DZone.com Feed https://ift.tt/2LyvgYm
No comments:
Post a Comment