public-collect/kubewarden-policy-evaluator
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
94130c107c32369408a5d463bc6633bc1405ae6e
kubewarden-policy-evaluator/crates/burrego/examples/opa/accept-in-namespaces.rego
Hatter Jiang 94130c107c feat: init commit
2023-01-17 22:45:23 +08:00

9 lines
387 B
Rego
Raw Blame History

package kubernetes.admission
deny[msg] {
object_namespace := input.request.object.metadata.namespace
satisfied := [allowed_namespace | namespace = data.allowed_namespaces[_]; allowed_namespace = object_namespace == namespace]
not any(satisfied)
msg := sprintf("object created under an invalid namespace %s; allowed namespaces are %v", [object_namespace, data.allowed_namespaces])
}
Reference in New Issue View Git Blame Copy Permalink