Datree [DEPRECATED]
Datree (pronounced /da-tree/
) was built to secure Kubernetes workloads by blocking the deployment of misconfigured resources. Since July 2023, the commercial company that supports and actively maintains this project has been closed.
Migrating to the (fully) open-source version of Datree
For existing users, it is still possible to run Datree as a standalone: https://hub.datree.io/cli/offline-mode
What will not be available anymore
All the archived open source repositories under datreeio org will no longer be maintained and accept any new code changes, including any security patches. In addition, the following key capabilities will not longer be available anymore:
- Centralized policy registry
- Automatic Kubernetes schema validation
- Access to the dashboard and all of its components (e.g. activity-log page, token management, etc.)
โ๏ธ How it works
Datree scans Kubernetes resources against a centrally managed policy, and blocks those that violate your desired policies.
Datree comes with over 100 rules covering various use-cases, such as workload security, high availability, ArgoCD best practices, NSA hardening guide, and many more.
In addition to our built-in rules, you can write any custom rule you wish and then run it against your Kubernetes configurations to check for rule violations. Custom rules can be written in JSON schema or in Rego.
Contributing
We want to thank our contributors for helping us build Datree โค๏ธ