Easier & Faster Kubernetes Policies with JavaScript or TypeScript

Get Started

Why consider using jsPolicy?

Language

JS | TS

Policies in jsPolicy can be written either in JavaScript or in any language that can be compiled to JavaScript such as TypeScript.

Rego

OPA policies need to be written in Rego which is not turing complete.

YAML

Kyverno uses YAML to express policies rather than a real programming language.

Validating Policies

yes

jsPolicy supports validating admission control policies.

yes

OPA supports validating admission control policies.

yes

Kyverno supports validating admission control policies.

Mutating Policies

super easy

jsPolicy supports mutating admission control policies and makes them incredibly easy to write.

very limited

Mutating policies are an alpha feature in OPA and have many limitations.

complicated

Kyverno's YAML policies only allow mutating policies to apply patches. More complex operations are impossible or really complicated.

Controller Policies

yes

Controller policies are executed after Events in your cluster and jsPolicy is the first policy engine to introduce this feature.

not supported

Controller policies only exist in jsPolicy.

not supported

Controller policies only exist in jsPolicy.

Dev & Test Tooling

extensive + mature

Since jsPolicy lets you work with regular JavaScript, the entire JS ecosystem with great dev tools and testing frameworks can be used to write, test and maintain policies.

limited

Due to OPA's popularity and maturity, several dev and test tools are available but this very limited compared to the JS ecosystem.

very basic

Kvverno provides a CLI tool for running very basic end-to-end tests. 3rd party tooling is not available.

Package Management

npm

Publish and share your policies via npmjs.com or pull policy functions from a private npm registry. jsPolicy introduces a new level of policy package management via npm.

not available

There is no widely adopted package manager for publishing and sharing OPA policy logic.

not available

There is no widely adopted package manager for publishing and sharing Kyverno policy logic.

Row1

Strong

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique.

Row1

Strong

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique.

Row1

Strong

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique.

Row1

Strong

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique.

Row1

Strong

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique.

Row1

Strong

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique.

Row1

Strong

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique.

Row1

Strong

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique.

Row1

Strong

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique.

Row1

Strong

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique.

Row1

Strong

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique.

Row1

Strong

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique.

Row1

Strong

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique.

Row1

Strong

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique.

Row1

Strong

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique.

See jsPolicy In Action

Getting started with jsPolicy is as easy as installing the Helm chart and applying some policies to your cluster. Check out the demo video for a preview of how to get started with jsPolicy in a few minutes.

Free, Open-Source & Community Driven

Star the project on GitHub, open issues and pull requests. Any contribution is welcome.

jsPolicy on Github

Join the conversation about vclusters on Slack and get help from the project maintainers.

jsPolicy on Slack

Open-Source at Loft Labs

At Loft Labs, we are committed to building open-source tools such as DevSpace, jsPolicy, vcluster and kiosk alongside our commercial offering Loft. We want to give back to the community and we believe open-source projects are the best way to accelerate the speed of innovation in the cloud-native space.

Get The Latest News About Our Projects

Newsletter