The output you receive when scanning Kubernetes objects with Datree. You can find the example manifest here.
Popularity among the OSS community.
The language in which the policy rules are written.
Scan Kubernetes configs (YAML files) for misconfigurations.
K8s admission controller webhook
Scan Kubernetes objects on deployment to production.
Native templating support
Scan helm charts and Kustomize.
Pre-configured set of rules to validate your Kubernetes objects.
Validate that your manifests meet Kubernetes schema.
Validate that your manifests are written in syntactical YAML.
Assign read/write permissions to your policies and account.
Reporting and tracking
Track and report on the status and outcome of previous scans.
Detect misconfigurations in your running workloads.
Share the same policy across different users and machines. Edit once, run everywhere.
Scans direct objects
Reduce false negatives by scanning only explicit objects. Read more here.
Other IaC support
Support for other IaC technologies such as Terraform.
Policy as code
Manage your policies and rules from code.
Scan images for vulnerabilities.
Dir path scanning
Validate multiple files by scanning the folder in which they reside.
The language in which the project is written.
The project can run without internet connection.
Create workflow for fixing the detected misconfigurations.
Editable failure message
Edit the message the user receives when objects fails to meet the policy.