claude/k8s-apps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: switch Kyverno image verification to Enforce mode
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 1s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 8s
Details

Browse Source 
All current images in dev/staging/prod are signed with cosign.
CI pipeline signs new images automatically.
Enforce mode will block unsigned images from our registry.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
root 2026-02-18 10:11:26 +01:00
parent 38f1afcf2d
commit 3992d69c8e
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/kyverno-policies/verify-images.yaml
View File

@ -10,7 +10,7 @@ metadata:
policies.kyverno.io/category: Supply Chain Security
policies.kyverno.io/severity: high
spec:
validationFailureAction: Audit
validationFailureAction: Enforce
background: true
webhookTimeoutSeconds: 30
failurePolicy: Ignore