forked from kubewarden/helm-charts
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathhost-path-policy.yaml
27 lines (27 loc) · 1 KB
/
host-path-policy.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
{{ if .Values.recommendedPolicies.enabled }}
apiVersion: {{ $.Values.crdVersion }}
kind: ClusterAdmissionPolicy
metadata:
labels:
{{- include "kubewarden-defaults.labels" . | nindent 4 }}
app.kubernetes.io/component: policy
annotations:
io.kubewarden.policy.category: PSP
io.kubewarden.policy.severity: medium
{{- include "kubewarden-defaults.annotations" . | nindent 4 }}
name: {{ $.Values.recommendedPolicies.hostPathsPolicy.name }}
spec:
mode: {{ $.Values.recommendedPolicies.defaultPolicyMode }}
module: {{ template "policy_default_registry" . }}{{ .Values.recommendedPolicies.hostPathsPolicy.module.repository }}:{{ .Values.recommendedPolicies.hostPathsPolicy.module.tag }}
{{ include "policy-namespace-selector" . | indent 2}}
rules:
- apiGroups: [""]
apiVersions: ["v1"]
resources: ["pods"]
operations:
- CREATE
- UPDATE
mutating: false
settings:
{{- toYaml .Values.recommendedPolicies.hostPathsPolicy.settings | replace "|\n" "" | nindent 4 }}
{{ end }}