Pls help me in configuring/using OPA in minikbe

Hi Team/Mumshad,

From past a week we are trying to deploy OPA on minikube for a POC. Getting the below error even after multiple tries.
I am referring the below DOC for OPA deployment on minikube

Below is the error message:

[osboxes@minikube ~]$ kubectl apply -f webhook-configuration.yaml
error: error validating “webhook-configuration.yaml”: error validating data: [ValidationError(ValidatingWebhookConfiguration.webhooks[0]): missing required field “sideEffects” in io.k8s.api.admissionregistration.v1.ValidatingWebhook, ValidationError(ValidatingWebhookConfiguration.webhooks[0]): missing required field “admissionReviewVersions” in io.k8s.api.admissionregistration.v1.ValidatingWebhook]; if you choose to ignore these errors, turn validation off with --validate=false
[osboxes@minikube ~]$

Please help me on it.

What’s your k8s cluster version? Any specific reason you are not using the latest OPA version?

According to the error output, sideEffects field is missing.
Please check from here -

No specific reason, I just following the link which is mentioned in my previous message. Please help me with any other link which will help to configure OPA in properway.

Following the documentation, the OPA config file should look like these config:

apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
name: “pod-policy.example.com”
webhooks:

• name: “pod-policy.example.com”
  rules:
  • apiGroups: [“”]
    apiVersions: [“v1”]
    operations: [“CREATE”]
    resources: [“pods”]
    scope: “Namespaced”
    clientConfig:
    service:
    namespace: “example-namespace”
    name: “example-service”
    caBundle: “Ci0tLS0tQk…<caBundle is a PEM encoded CA bundle which will be used to validate the webhook’s server certificate.>…tLS0K”
    admissionReviewVersions: [“v1”, “v1beta1”]
    sideEffects: None
    timeoutSeconds: 5