[Experimental] OPA Mutation
[Experimental] OPA Mutation
KKP release 2.18 includes upgrading Gatekeeper to v3.5.2 to support K8s 1.22, and also introduces the new Experimental Mutation feature, which is not integrated with KKP(yet), but users can still use it on the user clusters.
How to activate Mutation on Gatekeeper
The mutation is Disabled by default, but users can opt-in by setting the flag experimentalEnableMutation
in the Cluster spec.
By setting this flag experimentalEnableMutation
to true, Kubermatic deploys Mutation Webhook on the user cluster.
apiVersion: kubermatic.k8s.io/v1
kind: Cluster
metadata:
name: bpc9nstqvk
spec:
humanReadableName: suspicious-mcnulty
oidc: {}
opaIntegration:
enabled: true
experimentalEnableMutation: true