46 lines
1.2 KiB
YAML
46 lines
1.2 KiB
YAML
---
|
|
apiVersion: kyverno.io/v1
|
|
kind: ClusterPolicy
|
|
metadata:
|
|
name: zot-cache-enable
|
|
spec:
|
|
rules:
|
|
- name: clusterconfig
|
|
context:
|
|
- name: userconfig
|
|
configMap:
|
|
name: "{{ request.object.spec.userConfig.configMap.name }}"
|
|
namespace: "{{ request.object.spec.userConfig.configMap.namespace }}"
|
|
match:
|
|
any:
|
|
- resources:
|
|
kinds:
|
|
- App
|
|
namespaces:
|
|
- 'org-*'
|
|
operations:
|
|
- CREATE
|
|
preconditions:
|
|
all:
|
|
- key: "{{ request.object.spec.catalog }}"
|
|
operator: Equals
|
|
value: cluster
|
|
- key: "{{ request.object.spec.name }}"
|
|
operator: Equals
|
|
value: cluster-aws
|
|
- key: "{{ request.object.spec.name }}"
|
|
operator: Equals
|
|
value: cluster-aws
|
|
- key: "{{ userconfig.data.values }}"
|
|
operator: NotEquals
|
|
value: '*gsoci*'
|
|
mutate:
|
|
patchesJson6902: |-
|
|
- op: add
|
|
path: "/spec/extraConfigs/-"
|
|
value:
|
|
kind: configMap
|
|
name: "{{ request.object.metadata.name }}-enable-zot"
|
|
namespace: "{{ request.object.metadata.namespace }}"
|
|
|