Make package opa-docker-authz public #82

Closed
anderseknert opened this issue Nov 20, 2023 · 3 comments

@anderseknert
Member

anderseknert commented Nov 20, 2023

Hey, @ashutosh-narkar, @tsandall! I'm going to need your help with this one.

@larhauga has done some good work to get this plugin published automatically to ghcr.io, as part of CI. This will be a good improvement compared to the manual process that we've used for this repo, where the last release is 2 years old. I've verified that the push works as expected, but the package is currently private, and apparently only an org owner can make that change, which I am not.

Could you please help me with the following?

  1. In the rightmost column on the project main page, click "Packages".
  2. Click "opa-docker-authz"
  3. In the bottom of the column to the right, click "Package settings"
  4. At the bottom under "Danger Zone" 😎 click "Change package visibility" and make it public

Thanks 👍

@anderseknert
Member Author

The package is public now. @larhauga if you try it and find everything works as expected, let me know! Next step would be a tag, and then to have the docs updated and use the new location consistently.

Thanks @ashutosh-narkar for fixing this 👍

@larhauga
Contributor

Awesome 🙌 Works great in dind in kubernetes 👍 Thanks for all your help!

```
# startup
until [ -S /var/run/docker.sock ]; do sleep 1; done &&
docker plugin install --grant-all-permissions --alias opa-docker-authz ghcr.io/open-policy-agent/opa-docker-authz:edge opa-args='-policy-file /opa/opa-conf.rego'  >/proc/1/fd/1 2>&1 &&
echo '{"authorization-plugins": ["opa-docker-authz"]}' > /etc/docker/daemon.json &&
kill -HUP $(pidof dockerd)

# inspect
docker plugin inspect opa-docker-authz:latest
        "PluginReference": "ghcr.io/open-policy-agent/opa-docker-authz:edge",

docker run --rm -it --privileged fedora:latest sh
docker: Error response from daemon: authorization denied by plugin opa-docker-authz:latest: request rejected by administrative policy.
```

@anderseknert
Member Author

That's awesome! Thanks for letting me know 👍
