fix: simplify kyverno rules using operations:

resources/atlantis/host-manifests/sync-rabbitmq-secrets.yaml

@@ -23,14 +23,16 @@ spec:
          - Secret
          names:
          - prod-rabbitmq
-    exclude:
-     any:
-     - resources:
-         kinds:
-         - Secret
-         selector:
-           matchLabels:
-             generate.kyverno.io/clone-source: ""
+         operations:
+         - CREATE
+    # exclude:
+    #  any:
+    #  - resources:
+    #      kinds:
+    #      - Secret
+    #      selector:
+    #        matchLabels:
+    #          generate.kyverno.io/clone-source: ""
   - name: sync-staging-rabbitmq-secret
     generate:
       apiVersion: v1
@@ -48,14 +50,16 @@ spec:
          - Secret
          names:
          - staging-rabbitmq
-    exclude:
-     any:
-     - resources:
-         kinds:
-         - Secret
-         selector:
-           matchLabels:
-             generate.kyverno.io/clone-source: ""
+         operations:
+         - CREATE
+    # exclude:
+    #  any:
+    #  - resources:
+    #      kinds:
+    #      - Secret
+    #      selector:
+    #        matchLabels:
+    #          generate.kyverno.io/clone-source: ""
   - name: add-rabbitmq-connstring
     mutate:
       patchStrategicMerge:
@@ -69,6 +73,8 @@ spec:
            names:
            - prod-rabbitmq
            - staging-rabbitmq
+           operations:
+           - UPDATE
     exclude:
      any:
        - resources:

resources/atlantis/host-manifests/sync-redis-secrets.yaml

@@ -23,14 +23,16 @@ spec:
          - Secret
          names:
          - prod-redis
-    exclude:
-     any:
-     - resources:
-         kinds:
-         - Secret
-         selector:
-           matchLabels:
-             generate.kyverno.io/clone-source: ""
+         operations:
+         - CREATE
+    # exclude:
+    #  any:
+    #  - resources:
+    #      kinds:
+    #      - Secret
+    #      selector:
+    #        matchLabels:
+    #          generate.kyverno.io/clone-source: ""
   - name: sync-staging-redis-secret
     generate:
       apiVersion: v1
@@ -48,12 +50,14 @@ spec:
          - Secret
          names:
          - staging-redis
-    exclude:
-     any:
-     - resources:
-         kinds:
-         - Secret
-         selector:
-           matchLabels:
-             generate.kyverno.io/clone-source: ""
+         operations:
+         - CREATE
+    # exclude:
+    #  any:
+    #  - resources:
+    #      kinds:
+    #      - Secret
+    #      selector:
+    #        matchLabels:
+    #          generate.kyverno.io/clone-source: ""
 

resources/atlantis/manifests/prod/secrets.yaml

@@ -4,6 +4,7 @@ metadata:
   name: prod-redis
   namespace: atlantis
 type: Opaque
+data:
 ---
 apiVersion: v1
 kind: Secret
@@ -11,3 +12,4 @@ metadata:
   name: prod-rabbitmq
   namespace: atlantis
 type: Opaque
+data:

resources/atlantis/manifests/staging/secrets.yaml

@@ -4,6 +4,7 @@ metadata:
   name: staging-redis
   namespace: atlantis
 type: Opaque
+data:
 ---
 apiVersion: v1
 kind: Secret
@@ -11,3 +12,4 @@ metadata:
   name: staging-rabbitmq
   namespace: atlantis
 type: Opaque
+data: