datree

command module

v1.8.2-rc Latest Latest Go to latest Published: Nov 20, 2022 License: Apache-2.0 Imports: 20 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/datreeio/datree

README ¶

Prevent Kubernetes Misconfigurations

Explore the docs »

🤔 What is Datree?

Datree prevents misconfigurations by blocking resources that do not meet your policy.

✌️ Quick-start in two steps

1. Add the Datree Helm repository

Run the following command in your terminal:

helm repo add datree-webhook https://datreeio.github.io/admission-webhook-datree
helm repo update

2. Install Datree on your cluster

Replace <TOKEN> with the token from your dashboard, and run the following command in your terminal:

helm install -n datree datree-webhook datree-webhook/datree-admission-webhook \
--create-namespace \
--set datree.token=<TOKEN>

This will create a new namespace (datree), where Datree’s services and application resources will reside. datree.token is used to connect your dashboard to your cluster. Note that the installation can take up to 5 minutes.

⚙️ How it works

Datree scans Kubernetes resources against a centrally managed policy, and blocks those that violate your desired policies.

Datree comes with multiple pre-built policies covering various use-cases, such as workload security, high availability, ArgoCD best practices, NSA hardening guide, and many more.

In addition to our built-in rules, you can write any custom rule you wish and then run it against your Kubernetes configurations to check for rule violations. The custom rule engine is based on JSON Schema.

✔️ Additional features

Datree offers a suite of features to make adoption seamless:

Monitoring - Datree is first installed in monitoring mode that reports on policy violations, rather than block their deployments.
CLI - Help your developers find misconfigurations in their configs before deploying them, by integrating Datree into their CI.
Misconfiguration prioritization - Datree makes it easy to improve the quality of your cluster by prioritizing the misconfigurations to be fixed.
Cluster score - Rank the stability of your cluster based on the number of detected misconfigurations.

Management dashboard (web application)

Datree can be customized via code (policy as code) or via a management dashboard. The dashboard offers the following capabilities in an intuitive visual interface:

Customize policies
Edit rules failure message
Issue tokens
View policy check history
Configure Kubernetes schema version

Contributing

Contributions are welcome!

Thank you to all the people who already contributed to Datree ❤️

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
bl
errorReporter
files
messager
policy
validation
cmd
completion
config
docs
kustomize
publish
schema-validator
test
upgrade
version
pkg
ciContext
cliClient
defaultPolicies
defaultRules
deploymentConfig
evaluation
executor
extractor
fileReader
httpClient
jsonSchemaValidator
localConfig
networkValidator
policy
printer
upgradeManager
utils
validatePoliciesYaml

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL