Demo repository for managing a multi-tenant cluster with Flux and Kustomize, part of fluxcd/multi-tenancy.
This repository uses GitHub Actions to validate the Kubernetes manifests with kubeval and a set of Open Policy Agent rego rules.
GitHub workflow:
- validate kustomize build with kubeval strict mode
- deny containers with latest image tag
- deny deployments and services without app label selector
- warn if deployments have no prometheus pod annotations