CtrlK
BlogDocsLog inGet started
Tessl Logo

nitinjain999/platform-skills

Production-grade platform engineering handbook — Kubernetes, Terraform, Flux CD, GitHub Actions, AWS, and more.

67

Quality

84%

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Passed

No known issues

Overview
Quality
Evals
Security
Files

README.mdexamples/runtime-security/

Runtime Security Examples

Status: Stable

Working examples for the /platform-skills:runtime-security skill.

Files

FileDescription
falco-values.yamlHelm values: Falco with eBPF driver, resource limits, node tolerations
falco-custom-rules.yamlCustom rules: shell in container, privilege escalation, unexpected outbound
falcosidekick-values.yamlHelm values: Falcosidekick with Slack and webhook routing
falco-kyverno-bridge.yamlKyverno ValidatingPolicy: block re-admission of Falco-flagged workloads

Usage

# Install Falco
helm upgrade --install falco falcosecurity/falco \
  --namespace falco \
  --create-namespace \
  -f examples/runtime-security/falco-values.yaml

# Install with Falcosidekick
helm upgrade --install falco falcosecurity/falco \
  --namespace falco \
  --create-namespace \
  --set falcosidekick.enabled=true \
  -f examples/runtime-security/falcosidekick-values.yaml

# Apply Kyverno bridge policy
kubectl apply -f examples/runtime-security/falco-kyverno-bridge.yaml

Validation

bash examples/runtime-security/runtime-security-validate.sh

examples

runtime-security

README.md

runtime-security-validate.sh

BEFORE_AFTER.md

CHANGELOG.md

CODE_OF_CONDUCT.md

COMMANDS.md

CONTRIBUTING.md

EDITOR_INTEGRATIONS.md

GETTING_STARTED.md

HOW_IT_WORKS.md

install.sh

INSTALLATION.md

LAUNCH.md

PROMPTS.md

QUICKSTART.md

README.md

renovate.json

SECURITY.md

SKILL.md

tessl.json

tile.json