platform/manifests
1
0
Fork 0
Code Issues 7 Pull Requests 5 Actions Packages Projects Releases Wiki Activity

fix: simplify kyverno rules using operations:

Browse Source
This commit is contained in:
Jonas Juselius
2024-06-18 15:45:39 +02:00
parent 63dabec1b9
commit a7382d8cdf
4 changed files with 46 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files
resources/atlantis/host-manifests/sync-rabbitmq-secrets.yaml
+22 -16
View File
@@ -23,14 +23,16 @@ spec:
- Secret - Secret
names: names:
- prod-rabbitmq - prod-rabbitmq
exclude: operations:
any: - CREATE
- resources: # exclude:
kinds: # any:
- Secret # - resources:
selector: # kinds:
matchLabels: # - Secret
generate.kyverno.io/clone-source: "" # selector:
# matchLabels:
# generate.kyverno.io/clone-source: ""
- name: sync-staging-rabbitmq-secret - name: sync-staging-rabbitmq-secret
generate: generate:
apiVersion: v1 apiVersion: v1
@@ -48,14 +50,16 @@ spec:
- Secret - Secret
names: names:
- staging-rabbitmq - staging-rabbitmq
exclude: operations:
any: - CREATE
- resources: # exclude:
kinds: # any:
- Secret # - resources:
selector: # kinds:
matchLabels: # - Secret
generate.kyverno.io/clone-source: "" # selector:
# matchLabels:
# generate.kyverno.io/clone-source: ""
- name: add-rabbitmq-connstring - name: add-rabbitmq-connstring
mutate: mutate:
patchStrategicMerge: patchStrategicMerge:
@@ -69,6 +73,8 @@ spec:
names: names:
- prod-rabbitmq - prod-rabbitmq
- staging-rabbitmq - staging-rabbitmq
operations:
- UPDATE
exclude: exclude:
any: any:
- resources: - resources:
resources/atlantis/host-manifests/sync-redis-secrets.yaml
+20 -16
View File
@@ -23,14 +23,16 @@ spec:
- Secret - Secret
names: names:
- prod-redis - prod-redis
exclude: operations:
any: - CREATE
- resources: # exclude:
kinds: # any:
- Secret # - resources:
selector: # kinds:
matchLabels: # - Secret
generate.kyverno.io/clone-source: "" # selector:
# matchLabels:
# generate.kyverno.io/clone-source: ""
- name: sync-staging-redis-secret - name: sync-staging-redis-secret
generate: generate:
apiVersion: v1 apiVersion: v1
@@ -48,12 +50,14 @@ spec:
- Secret - Secret
names: names:
- staging-redis - staging-redis
exclude: operations:
any: - CREATE
- resources: # exclude:
kinds: # any:
- Secret # - resources:
selector: # kinds:
matchLabels: # - Secret
generate.kyverno.io/clone-source: "" # selector:
# matchLabels:
# generate.kyverno.io/clone-source: ""
resources/atlantis/manifests/prod/secrets.yaml
+2
View File
@@ -4,6 +4,7 @@ metadata:
name: prod-redis name: prod-redis
namespace: atlantis namespace: atlantis
type: Opaque type: Opaque
data:
--- ---
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
@@ -11,3 +12,4 @@ metadata:
name: prod-rabbitmq name: prod-rabbitmq
namespace: atlantis namespace: atlantis
type: Opaque type: Opaque
data:
resources/atlantis/manifests/staging/secrets.yaml
+2
View File
@@ -4,6 +4,7 @@ metadata:
name: staging-redis name: staging-redis
namespace: atlantis namespace: atlantis
type: Opaque type: Opaque
data:
--- ---
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
@@ -11,3 +12,4 @@ metadata:
name: staging-rabbitmq name: staging-rabbitmq
namespace: atlantis namespace: atlantis
type: Opaque type: Opaque
data: