Creating a kyverno policy to invalidate bad practices and avoid misplaced structure elements #9670
Unanswered
RayenDen
asked this question in
Contributor Q&A
Replies: 1 comment
-
|
You may need to use something like kyverno-json because Kyverno is Kubernetes aware and embeds the schemas for the core resource types. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hello,
I'm trying to write a kyverno policy to invalidate misplaced elements in the deployment's structure (strategy in .spec.template.spec and not .spec in a deployment, in my case) i know the k8s api does the validation but i need the policy for it to happen on the pipeline's level.
Here's the policy validate-deployment-strategy.yaml i wrote i tried it 2 ways:
1st version:
2nd version :
when testing the policy on a deployment :
the policy triggers when strategy is in .spec.template.spec or in it's write place .spec and I dont understand the issue (new to kyverno)
i tried it locally through the commands :
kubectl apply -f validate-deployment-strategy.yamlkubectl apply -f deployment.yaml --validate=falseBeta Was this translation helpful? Give feedback.
All reactions