From f7303521b634021d7235aefe4e73a89548c73fcb Mon Sep 17 00:00:00 2001
From: Jonas Juselius <jonas.juselius@oceanbox.io>
Date: Fri, 20 Jun 2025 15:28:04 +0200
Subject: [PATCH] fix: disable s3 secret policy

---
 .../oceanbox/kyverno/sync-s3-secret.yaml      | 68 +++++++++----------
 1 file changed, 34 insertions(+), 34 deletions(-)

diff --git a/values/system/oceanbox/kyverno/sync-s3-secret.yaml b/values/system/oceanbox/kyverno/sync-s3-secret.yaml
index c1796722..fe65363e 100644
--- a/values/system/oceanbox/kyverno/sync-s3-secret.yaml
+++ b/values/system/oceanbox/kyverno/sync-s3-secret.yaml
@@ -1,34 +1,34 @@
-{{- if .Values.clusterConfig.kyverno.enabled }}
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  annotations:
-    policies.clusterConfig.kyverno.io/description: 'This policy will sync the s3 secret in kube-system namespace across namespaces'
-    policies.clusterConfig.kyverno.io/subject: Secret
-    policies.clusterConfig.kyverno.io/title: Sync s3 Secrets
-  name: sync-s3-credentials
-spec:
-  generateExistingOnPolicyUpdate: true
-  background: true
-  rules:
-  - generate:
-      apiVersion: v1
-      clone:
-        name: s3-credentials
-        namespace: kube-system
-      kind: Secret
-      name: s3-credentials
-      namespace: '{{`{{request.object.metadata.name}}`}}'
-      synchronize: true
-    match:
-      resources:
-        kinds:
-        - Namespace
-        names:
-        - "velero"
-        - "loki"
-        - "tempo"
-    name: sync-s3-secret
-    skipBackgroundRequests: true
-  validationFailureAction: audit
-{{- end }}
+# {{- if .Values.clusterConfig.kyverno.enabled }}
+# apiVersion: kyverno.io/v1
+# kind: ClusterPolicy
+# metadata:
+#   annotations:
+#     policies.clusterConfig.kyverno.io/description: 'This policy will sync the s3 secret in kube-system namespace across namespaces'
+#     policies.clusterConfig.kyverno.io/subject: Secret
+#     policies.clusterConfig.kyverno.io/title: Sync s3 Secrets
+#   name: sync-s3-credentials
+# spec:
+#   generateExistingOnPolicyUpdate: true
+#   background: true
+#   rules:
+#   - generate:
+#       apiVersion: v1
+#       clone:
+#         name: s3-credentials
+#         namespace: kube-system
+#       kind: Secret
+#       name: s3-credentials
+#       namespace: '{{`{{request.object.metadata.name}}`}}'
+#       synchronize: true
+#     match:
+#       resources:
+#         kinds:
+#         - Namespace
+#         names:
+#         - "velero"
+#         - "loki"
+#         - "tempo"
+#     name: sync-s3-secret
+#     skipBackgroundRequests: true
+#   validationFailureAction: audit
+# {{- end }}