Helm Chart for OPA #7109
Comments
|
Hi @LuciaCabanillasRodriguez. OPA is relatively simple to deploy as a Deployment in Kubernetes environments. There is an example of the YAML required to do so here, in one of the OPA tutorials on ingress validation: https://www.openpolicyagent.org/docs/latest/kubernetes-tutorial/#6-deploy-opa-as-an-admission-controller Is your use case K8s admission related or something else? Is there a reason that you need a helm chart specifically over using a K8s deployment YAML alone?
It's relatively simple to have OPA load certificates from secret mounted as volumes from cert-manager (https://cert-manager.io). However, it's also common if OPA is running behind an ingress controller or gateway to terminate TLS there too. |
|
In my case, I’m not focused on deploying OPA as an Admission Controller. Instead, I want to deploy Open Policy Agent (OPA) as a general-purpose policy engine, which provides unified, context-aware policy enforcement across the entire stack. I noticed there was a Helm chart available in helm/stable/opa, but it seems to be deprecated. I would need a current Helm chart for my deployment. |
|
There's this one in kube-mgmt repo: https://github.com/open-policy-agent/kube-mgmt/tree/master/charts/opa-kube-mgmt AFAIK, it can be used even when kube-mgmt is not used. |
|
It would be ideal if a Helm chart could be added directly to the OPA repository rather than relying on the kube-mgmt repository. This would help avoid confusion and provide a more straightforward deployment aligned with the intended use. Additionally, having a dedicated Helm chart for each purpose (such as policy management or enforcement) would offer greater flexibility, making it easier to deploy OPA for different use cases without relying on outdated or unrelated charts. |
|
I think having things like Helm charts outside of the core project is reasonable, as OPA caters to a whole bunch of use cases of which many are unrelated to Kubernetes. But we could definitely do better to help users discover resources such as that one. For example, an entry for Helm under the ecosystem pages would likely help with discoverability. |
|
This issue has been automatically marked as inactive because it has not had any activity in the last 30 days. Although currently inactive, the issue could still be considered and actively worked on in the future. More details about the use-case this issue attempts to address, the value provided by completing it or possible solutions to resolve it would help to prioritize the issue. |
Request for Helm Chart Support
Hello,
I'm currently looking to deploy Open Policy Agent (OPA) using Helm, and I would like to know if there is an existing Helm chart that supports both HTTP and HTTPS protocols.
Thank you for your help!
Best regards,
Lucía
The text was updated successfully, but these errors were encountered: