Admission Controller on Images #7562
-
|
Hi there! I have an (in my opinion) interesting question for you guys. I am using Argo Workflows to automate continuous data extraction out several systems and I was wondering whether it would be possible to limit the images Argo Workflows is allowed to run as a Workflow image. Somebody already tackled this issue and would like to share his/her experience? Any thoughts, tips, ideas? Thanks! |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
|
Yes, you should be able to use admission controllers such as validating webhooks to check the images applied to your workflow pods. This is not a question related to Argo Workflows though. https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/ |
Beta Was this translation helpful? Give feedback.
-
|
Thanks. You are right, there are already tools out there that allow you to do this. We are going for Open Policy Agent. |
Beta Was this translation helpful? Give feedback.
Yes, you should be able to use admission controllers such as validating webhooks to check the images applied to your workflow pods. This is not a question related to Argo Workflows though. https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/