This repository aims to capture a number of examples which demonstrate different solutions and mechanisms which incorporate the Covarity tool set into continuous integration and delivery of code.
An example where anchorctl
is used to test the Admission Control functionality of Kubernetes. The example focuses on templating policies, unit testing and integration testing OPA with anchorctl
. It was developed as part of the Kube-Forum Sydney 2019 talk which can be found here.
The following technologies are used:
- Rego to write the policies
- Jinja2 and PyYAML to template policies and unit tests
- OPA + Kube Mgmt as the validating and mutating admission controller
- Kustomize to generate configmaps of policies
- Anchorctl to perform integration testing of the policies
More information about the demo can be found here
Examples which demonstrate an end-to-end pipeline integration