Coder Social home page Coder Social logo

anilpothula / datree Goto Github PK

View Code? Open in Web Editor NEW

This project forked from datreeio/datree

0.0 0.0 0.0 8.58 MB

Prevent Kubernetes misconfigurations from reaching production (again 😤 )! From code to cloud, Datree provides an E2E policy enforcement solution to run automatic checks for rule violations. See our docs: https://hub.datree.io

Home Page: https://datree.io

License: Apache License 2.0

Shell 2.11% Python 0.50% Go 95.72% PowerShell 0.79% Makefile 0.47% Dockerfile 0.42%

datree's Introduction

datree=github

Explore the docs »

Datree

Datree (pronounced /da-tree/) is a cloud native solution to prevent Kuberentes misconfigurations by blocking resources that do not meet your policy.

✌️ Quick-start in two steps

Install Datree to get insights on the status of your cluster and enforce your desired policies on new resources.

NOTE:
By default, Datree does not block misconfigured resources, it only monitors and alerts about them.
To enable enforcement mode, see the documentation.

1. Add the Datree Helm repository

Run the following command in your terminal:

helm repo add datree-webhook https://datreeio.github.io/admission-webhook-datree
helm repo update

2. Install Datree on your cluster

Replace <DATREE_TOKEN> with the token from your dashboard, and run the following command in your terminal:

helm install -n datree datree-webhook datree-webhook/datree-admission-webhook --debug \
--create-namespace \
--set datree.token=<DATREE_TOKEN> \
--set datree.clusterName=$(kubectl config current-context)

This will create a new namespace (datree), where Datree’s services and application resources will reside. datree.token is used to connect your dashboard to your cluster. Note that the installation can take up to 5 minutes.

⚙️ How it works

Datree scans Kubernetes resources against a centrally managed policy, and blocks those that violate your desired policies.

Datree comes with multiple pre-built policies covering various use-cases, such as workload security, high availability, ArgoCD best practices, NSA hardening guide, and many more.

In addition to our built-in rules, you can write any custom rule you wish and then run it against your Kubernetes configurations to check for rule violations. The custom rule engine is based on JSON Schema.

🤩 Additional features

Datree offers a suite of features to make adoption seamless:

  • Monitoring - Datree is first installed in monitoring mode that reports on policy violations, rather than block their deployments.
  • CLI - Help your developers find misconfigurations in their configs before deploying them, by integrating Datree into their CI.
  • Misconfiguration prioritization - Datree makes it easy to improve the quality of your cluster by prioritizing the misconfigurations to be fixed.
  • Cluster score - Rank the stability of your cluster based on the number of detected misconfigurations.

📊 Management dashboard (web application)

Datree can be customized via code (policy as code) or via a management dashboard. The dashboard offers the following capabilities in an intuitive visual interface:

  • Customize policies
  • Edit rules failure message
  • Issue tokens
  • View policy check history
  • Configure Kubernetes schema version

Datree-saas

Contributing

Contributions are welcome!

Contributors

Thank you to all the people who already contributed to Datree ❤️

datree's People

Contributors

myishay avatar royhadad avatar dimabru avatar hadar-co avatar shmuelsa avatar noaabarki avatar tzlilswimmer123 avatar romanlab avatar amustaque97 avatar ben-zaad avatar shalev007 avatar abhra303 avatar vbh avatar shmu3l avatar shimont avatar naorpeled avatar avinashnayak27 avatar nilimac04 avatar imrushi avatar prasadkatti avatar hillashx avatar guyzyl avatar juneezee avatar adifayer avatar theowlet avatar marooncoder09 avatar jehanjazz-1 avatar emjay010 avatar viploveb avatar sourikghosh avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.