Jonas Juselius
67 lines
1.7 KiB
YAML
67 lines
1.7 KiB
YAML
{{- $name := include "vCluster.releaseName" . -}}
|
|
apiVersion: kyverno.io/v1
|
|
kind: ClusterPolicy
|
|
metadata:
|
|
name: "sync-{{ $name }}-vcluster-secrets"
|
|
spec:
|
|
background: true
|
|
generateExisting: true
|
|
rules:
|
|
- name: sync-rabbitmq-secrets
|
|
generate:
|
|
apiVersion: v1
|
|
kind: Secret
|
|
name: staging-rabbitmq
|
|
namespace: {{ printf "{{request.object.metadata.name}}" | quote }}
|
|
synchronize: false
|
|
clone:
|
|
namespace: rabbitmq
|
|
name: staging-rabbitmq
|
|
match:
|
|
resources:
|
|
kinds:
|
|
- Namespace
|
|
names:
|
|
- "vcluster-009dba7e-*"
|
|
selector:
|
|
matchLabels:
|
|
vcluster.loft.sh/vcluster-namespace: '{{ .Release.Namespace }}'
|
|
- name: sync-redis-secrets
|
|
generate:
|
|
apiVersion: v1
|
|
kind: Secret
|
|
name: staging-redis
|
|
namespace: {{ printf "{{request.object.metadata.name}}" | quote }}
|
|
synchronize: false
|
|
clone:
|
|
namespace: redis
|
|
name: staging-redis
|
|
match:
|
|
resources:
|
|
kinds:
|
|
- Namespace
|
|
names:
|
|
- "vcluster-009dba7e-*"
|
|
selector:
|
|
matchLabels:
|
|
vcluster.loft.sh/vcluster-namespace: '{{ .Release.Namespace }}'
|
|
- name: sync-archmeister-app-secret
|
|
generate:
|
|
apiVersion: v1
|
|
kind: Secret
|
|
name: staging-archmeister-app
|
|
namespace: {{ printf "{{request.object.metadata.name}}" | quote }}
|
|
synchronize: false
|
|
clone:
|
|
namespace: '{{ .Release.Namespace }}'
|
|
name: staging-archmeister-superuser
|
|
match:
|
|
resources:
|
|
kinds:
|
|
- Namespace
|
|
names:
|
|
- "vcluster-009dba7e-*"
|
|
selector:
|
|
matchLabels:
|
|
vcluster.loft.sh/vcluster-namespace: '{{ .Release.Namespace }}'
|