fix: disable s3 secret policy

2025-06-20 15:28:04 +02:00
parent 8b7609b99d
commit f7303521b6
1 changed files with 34 additions and 34 deletions
@@ -1,34 +1,34 @@
-{{- if .Values.clusterConfig.kyverno.enabled }}
+# {{- if .Values.clusterConfig.kyverno.enabled }}
-apiVersion: kyverno.io/v1
+# apiVersion: kyverno.io/v1
-kind: ClusterPolicy
+# kind: ClusterPolicy
-metadata:
+# metadata:
-  annotations:
+#   annotations:
-    policies.clusterConfig.kyverno.io/description: 'This policy will sync the s3 secret in kube-system namespace across namespaces'
+#     policies.clusterConfig.kyverno.io/description: 'This policy will sync the s3 secret in kube-system namespace across namespaces'
-    policies.clusterConfig.kyverno.io/subject: Secret
+#     policies.clusterConfig.kyverno.io/subject: Secret
-    policies.clusterConfig.kyverno.io/title: Sync s3 Secrets
+#     policies.clusterConfig.kyverno.io/title: Sync s3 Secrets
-  name: sync-s3-credentials
+#   name: sync-s3-credentials
-spec:
+# spec:
-  generateExistingOnPolicyUpdate: true
+#   generateExistingOnPolicyUpdate: true
-  background: true
+#   background: true
-  rules:
+#   rules:
-  - generate:
+#   - generate:
-      apiVersion: v1
+#       apiVersion: v1
-      clone:
+#       clone:
-        name: s3-credentials
+#         name: s3-credentials
-        namespace: kube-system
+#         namespace: kube-system
-      kind: Secret
+#       kind: Secret
-      name: s3-credentials
+#       name: s3-credentials
-      namespace: '{{`{{request.object.metadata.name}}`}}'
+#       namespace: '{{`{{request.object.metadata.name}}`}}'
-      synchronize: true
+#       synchronize: true
-    match:
+#     match:
-      resources:
+#       resources:
-        kinds:
+#         kinds:
-        - Namespace
+#         - Namespace
-        names:
+#         names:
-        - "velero"
+#         - "velero"
-        - "loki"
+#         - "loki"
-        - "tempo"
+#         - "tempo"
-    name: sync-s3-secret
+#     name: sync-s3-secret
-    skipBackgroundRequests: true
+#     skipBackgroundRequests: true
-  validationFailureAction: audit
+#   validationFailureAction: audit
-{{- end }}
+# {{- end }}