Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/redhat-cop/rego-policies

Rego policies collection
https://github.com/redhat-cop/rego-policies

conftest container-cop gatekeeper opa rego

Last synced: about 6 hours ago
JSON representation

Rego policies collection

Host: GitHub
URL: https://github.com/redhat-cop/rego-policies
Owner: redhat-cop
License: apache-2.0
Created: 2020-05-11T02:59:34.000Z (over 4 years ago)
Default Branch: main
Last Pushed: 2025-01-01T19:45:46.000Z (10 days ago)
Last Synced: 2025-01-11T14:07:30.733Z (about 6 hours ago)
Topics: conftest, container-cop, gatekeeper, opa, rego
Language: Shell
Homepage:
Size: 3.01 MB
Stars: 161
Watchers: 10
Forks: 37
Open Issues: 3
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: CODEOWNERS
- Security: SECURITY.md

Awesome Lists containing this project

awesome-opa - Red Hat Rego Policies - Red Hat Rego policies collection (Kubernetes / Built with Wasm)

README

        [![Run conftest-unittests.sh](https://github.com/redhat-cop/rego-policies/actions/workflows/conftest-unittests.yaml/badge.svg)](https://github.com/redhat-cop/rego-policies/actions/workflows/conftest-unittests.yaml)

[![Check POLICIES.md is up-to-date](https://github.com/redhat-cop/rego-policies/actions/workflows/docs.yaml/badge.svg)](https://github.com/redhat-cop/rego-policies/actions/workflows/docs.yaml)

[![Lint policies with Regal](https://github.com/redhat-cop/rego-policies/actions/workflows/regal-lint.yaml/badge.svg)](https://github.com/redhat-cop/rego-policies/actions/workflows/regal-lint.yaml)

[![Run gatekeeper-k8s-integrationtests.sh](https://github.com/redhat-cop/rego-policies/actions/workflows/gatekeeper-k8s-integrationtests.yaml/badge.svg)](https://github.com/redhat-cop/rego-policies/actions/workflows/gatekeeper-k8s-integrationtests.yaml)

[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/redhat-cop/rego-policies/badge)](https://securityscorecards.dev/viewer/?uri=github.com/redhat-cop/rego-policies)

# rego-policies

[Rego](https://www.openpolicyagent.org/docs/latest/policy-language/) policies collection.

## Policies

For a full list of policies, see the auto-generated [POLICIES.md](POLICIES.md)

The naming of the policies follows the Gatekeeper format, as described [here.](https://github.com/plexsystems/konstraint/blob/main/docs/constraint_creation.md#resource-naming)

Want to run the policies on a k8s/OCP cluster? See [TESTING.md](TESTING.md)

## Tools

### Conftest

conftest is a CLI to execute rego policies. It can be used to test locally before pushing to [OPA](https://www.openpolicyagent.org/).

- [https://www.conftest.dev/install](https://www.conftest.dev/install/)

### OPA Playground

OPA provides a web based playground, which can highlight which lines have been activated. Having issues with your policy? check it out with "Coverage" enabled:

- [https://play.openpolicyagent.org](https://play.openpolicyagent.org)

### Slack for all things

Stuck on a problem?

- [https://slack.openpolicyagent.org/](https://slack.openpolicyagent.org/)