Cluster Auditor (CA) monitors OPA objects in the cluster and exposes violations as metrics to Prometheus/Grafana. Cluster auditor will “auto-detect” all OPA Gatekeeper
Cluster Auditor is hard-coded to 1 replica in the Deployment as further testing needs to be done if CA can work with multiple replicas. You can still rely on native Kubernetes functionality to restart and/or redeploy the CA Pod if it enters a bad state.
... spec: strategy: type: RollingUpdate selector: matchLabels: app: opa-exporter replicas: 1 ...
Cluster Auditor has no storage requirements on its own. Storage requirements of Prometheus/Grafana should be considered.
CA is based off of the OPA Scorecard which used the Apache License 2.0.