Technology Radar
Published : Mar 29, 2022
NOT ON THE CURRENT EDITION
This blip is not on the current edition of the Radar. If it was on one of the last few editions, it is likely that it is still relevant. If the blip is older, it might no longer be relevant and our assessment might be different today. Unfortunately, we simply don't have the bandwidth to continuously review blips from previous editions of the Radar.
Understand more
Mar 2022
Trial
kube-score 是一款针对Kubernetes对象定义,进行代码静态检查的工具。它的输出是一份建议列表,里面包含了如何提升你的应用程序安全性及弹性的相关建议。它有一份包含了最佳实践的预定义检查,比如以非root权限运行容器,正确指定资源限制等。它已经存在了一段时间,我们在一些项目中将它作为Kubernetes manifests构建的CD流水线的一部分来使用。kube-score的一个显著缺陷是你无法添加自定义策略。在这种情况下,我们使用像Conftest 这样的工具,以弥补它的缺陷。
