Show HN: Generate baseline Kubernetes NetworkPolicies from rendered manifests

**Show HN: Generate baseline Kubernetes NetworkPolicies from rendered manifests**

A lot of clusters still run “allow-all” east/west because NetworkPolicies aren’t enforced everywhere. I built a small static analyzer that reads rendered manifests (Helm/Argo CD/Kustomize output) and emits baseline NetworkPolicy YAML you can commit + diff in PRs.Workflow:PR changes manifestsCI regenerates policiesreviewers see “newly allowed” connections as a normal permission diffCurious how others handle this: would you rather review generated policy diffs, or a connectivity-graph diff. Any edge cases you’ve seen bite in real clusters (headless services, shared namespaces, DNS/egress, service meshes, etc.). Comments URL: https://news.ycombinator.com/item?id=47067580 Points: 1 # Comments: 0

---

**[devsupporter 해설]**

이 기사는 Show HN에서 제공하는 최신 개발 동향입니다. 관련 도구나 기술에 대해 더 알아보시려면 원본 링크를 참고하세요.