First of all: great project! I love this added fine-grained access and particularly that you made it an additional layer that I can stack on another socket proxy.
One thing I personally dislike is that the filters are wildcarded. I'd prefer to not check if the container name or label includes what I define but would rather have a strict string equals check. I can definitely make it work in its current state but I don't like unstrict checks in a security tool and it would be nice to be able to set it for strict checks.
First of all: great project! I love this added fine-grained access and particularly that you made it an additional layer that I can stack on another socket proxy.
One thing I personally dislike is that the filters are wildcarded. I'd prefer to not check if the container name or label includes what I define but would rather have a strict string equals check. I can definitely make it work in its current state but I don't like unstrict checks in a security tool and it would be nice to be able to set it for strict checks.