Audit constraint violations via status opa-gatekeeper

Read offending resources from a constraint's audit status without re-scanning

kubectl get k8srequiredlabels <name> -o jsonpath='{.status.totalViolations} {range .status.violations[*]}{"\n"}{.kind}/{.name}: {.message}{end}'
more opa-gatekeeper all 3 commands →