OPA 101

This project is an experiment to ensure the Linkerd mTLS by using the OPA Gatekeeper to enforce certain workload admission policies.

Getting Started

To install Linkerd and OPA Gatekeeper,

make opa
make linkerd-install | kubectl apply -f -

Install the OPA constraint template and constraints:

kubectl apply -f opa-linkerd-mtls.yaml

To remove both Linkerd and OPA Gatekeeper,

make clean

To test the mTLS rules, run:

make test

Name		Name	Last commit message	Last commit date
Latest commit History 20 Commits
examples		examples
testdata		testdata
.gitignore		.gitignore
Makefile		Makefile
NOTES.md		NOTES.md
README.md		README.md
config.yaml		config.yaml
constraint.yaml		constraint.yaml
mtls-test.rego		mtls-test.rego
mtls.rego		mtls.rego
template.yaml		template.yaml