Skipper deployed as ingress in your #kubernetes cluster and #OpenPolicyAgent as rule engine got a significant speedup https://github.com/zalando/skipper/releases/tag/v0.22.51
Blue line “old” Red line “new”
#OpenPolicyAgent
Great blog from Square, on how they built a custom solution for #Kubernetes guardrails on top of Open Policy Agent. This is a perfect example of the flexibility OPA provides organizations to solve the most advanced use cases!
https://developer.squareup.com/blog/kube-policies-guardrails-for-apps-running-in-kubernetes/
The #KubeCon recordings are now on YouTube! We'll be posting links to all the #OpenPolicyAgent related ones as we watch them. First out is the #OPA maintainer track session, where @charlieegan3 and @anderseknert give a short introduction to OPA and Rego, followed by a deep-dive into recent performance improvements, and a sneak peek at the project roadmap. Check it out!
For anyone at #KubeCon, me and @charlieegan3 will close the day off by presenting an introduction, deep-dive and roadmap for #OpenPolicyAgent at 17:30. I know it’s late, but stick around, as we have a lot of cool things to show you!
https://kccnceu2025.sched.com/event/1td0h/open-policy-agent-opa-intro-deep-dive-charlie-egan-styra
Today I was in the mood and packaged #regal and #opa for @opensuse
Packages still need more testing, but the first steps are done. Found a glitch in the OPA ldflags handling and reported it upstream.
Should arrive in #Tumbleweed soon-ish.
9 years. I guess we’re doing this..
Dependency Management Data's Open Policy Agent support is now a whole lot more efficient
Talking about the latest release of Dependency Management Data and some refactoring that's led to better performance.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/07/27/dmd-opa-perf/
Dynamically querying EndOfLife.date data for internal packages with Open Policy Agent and Dependency Management Data
How you can retrieve End-of-Life data via EndOfLife.date using Dependency Management Data's Policies functionality.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/07/14/dmd-opa-eol/
Avec Thomas Foubert, nous découvrons le Policy as Code (PaC) qui permet de définir et appliquer programmatiquement des politiques/contrôles sur les déploiements.
💻 Avec des outils comme OPA, on peut industrialiser audits & validation de conformité dès les pipelines de déploiement cloud!
#CloudSecurity #AutomationCloud #OpenPolicyAgent
🎧 Web: https://bit.ly/3wAe9xi
🎧 Spotify: https://spoti.fi/4bFQkms
🎧 YouTube: https://bit.ly/4bFQjPq
We also saw community-driven efforts to support CI, binaries, and containers for the Eventing #Kafka Broker receiver & dispatcher (containers), #OpenPolicyAgent's Conftest (ci, binaries), #Skupper (ci, binaries), #Goss (ci, binaries), & rotobuf-maven-plugin (ci) 🎉
At last! Our #KubeCon talk "Open Policy Agent — Intro and Deep Dive" is now up on YouTube 😃 I can't stand hearing / watching myself talk, but hopefully you won't feel the same aversion. Covering an intro to the project, some updates, a roadmap, and much more. Check it out!
Good morning from #KubeCon! If you’re here and want to meet, find me in the #OpenPolicyAgent kiosk in the project pavilion. Also, don’t miss my talk on today at 15:25 if you’re curious about #OPA, #Rego, and anything related.
Межсервисная авторизация в Авито PaaS
Антон Губарев, инженер в Avito PaaS, рассказал, как реализовать межсервисную авторизацию на 2500 сервисов и ничего не сломать.
Anyone have a good write up/how-to for standing up #OpenPolicyAgent server? Looking at the documentation, I'm a bit lost on how to point it to rego files, and how to have my clients call OPA to evaluate their JSON.
My use case is kind of fun - have all my team's Terraform repos do a pre-merge OPA evaluation on the Terraform plan. I'd like to get away from bundling the rego with the repos - the developers could just change the accept criteria and hope nobody notices in the pull request.
So success looks like having a rego file on a remote opa server that will allow a user to POST a url with their terraform plan, and get back the results.
Any ideas?
(ping @anderseknert)
@anderseknert This looks really cool - I need to carve out some time at work to dive back into Open Policy Agent. We have a decent little workflow for validating Terraform plans, but I'd love to get it further refined.
Plus, getting a OPA server rather than trusting the engineers/pipeline to validate their own policy would be nice.
What better way to spend the weekend than with a new version of #Regal? Everyone's favorite #Rego linter now have 2 more new rules, and some other nice improvements added. Check it out!
Just published! #OpenPolicyAgent 2023, year in review. It’s always such a joy looking back at everything that happened in our community in the past year. And for a project the size of #OPA, it’s a *lot*.
Thanks @charlieegan3, @ritazh and @jpreese for co-authoring the blog with me.
Check it out!
https://blog.openpolicyagent.org/open-policy-agent-2023-year-in-review-4c12df22e351
Regal v0.14.0 just released! 🎉 The latest edition of the #OPA community's favorite #Rego linter features two new rules, a new output format, and many improvements and fixes. Release notes and downloads here: https://github.com/StyraInc/regal/releases/tag/v0.14.0
#OpenPolicyAgent #DevOps #DevSecOps #PolicyAsCode #Linter #CodeQuality #IAM
Join me for HashiTalks Deploy where I'll talk about my fun little side project: the Nomad Admission Control Proxy 🎉
youtube:
https://www.youtube.com/watch?v=DAqLXZlxiMQ
schedule:
https://events.hashicorp.com/hashitalksdeploy
github:
https://github.com/mxab/nacp
You can now use Open Policy Agent with dependency-management-data
How to use Open Policy Agent to perform much more effective flagging of package compliance with dependency-management-data.
https://fed.brid.gy/r/https://www.jvt.me/posts/2023/11/24/dmd-opa/
Client Info
Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst