Caveats

Caveats

Ephemeral containers

They are subject to policies

Pod Security and Sidecars

Pod Security Standards apply to sidecars as well

Maybe filter using preconditions

GitOps

Flux compatibility with Mutating Webhooks

Immutable tags

Access image through tlogistry