Namespace DNS Policy

Don't forget to checkout Kubewarden's official documentation for more information about writing policies.

Usage

This repository contains a working policy written in Go.

The policy looks at the name of a Kubernetes namespace and rejects the request if the name is on a deny list.

The deny list is configurable by the user via the runtime settings of the policy, as a default the IANA TLDs are used.

The configuration of the policy is expressed via this structure:

{
  "denied_toplevel_domains": [ "com", "de" ]
}

Name		Name	Last commit message	Last commit date
Latest commit History 10 Commits
.github/workflows		.github/workflows
hack		hack
test_data		test_data
vendor		vendor
.gitignore		.gitignore
CODEOWNERS		CODEOWNERS
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
artifacthub-pkg.yml		artifacthub-pkg.yml
artifacthub-repo.yml		artifacthub-repo.yml
e2e.bats		e2e.bats
go.mod		go.mod
go.sum		go.sum
main.go		main.go
metadata.yml		metadata.yml
renovate.json		renovate.json
settings.go		settings.go
settings.sample.json		settings.sample.json
settings_test.go		settings_test.go
tlds-alpha-by-domain.txt		tlds-alpha-by-domain.txt
types.go		types.go
types_easyjson.go		types_easyjson.go
validate.go		validate.go
validate_test.go		validate_test.go