kyverno · realshuting · Feb 7, 2020 · Jan 31, 2020 · Feb 5, 2020 · Feb 5, 2020
diff --git a/definitions/install.yaml b/definitions/install.yaml
@@ -71,8 +71,7 @@ spec:
                               type: string
                       resources:
                         type: object
-                        required:
-                        - kinds
+                        minProperties: 1
                         properties:
                           kinds:
                             type: array

diff --git a/definitions/install_debug.yaml b/definitions/install_debug.yaml
@@ -71,8 +71,7 @@ spec:
                               type: string
                       resources:
                         type: object
-                        required:
-                        - kinds
+                        minProperties: 1
                         properties:
                           kinds:
                             type: array

diff --git a/pkg/engine/policy/validate.go b/pkg/engine/policy/validate.go
@@ -135,10 +135,6 @@ func validateMatchedResourceDescription(rd kyverno.ResourceDescription) (string,
 		return "", fmt.Errorf("match resources not specified")
 	}
 
-	if len(rd.Kinds) == 0 {
-		return "match", fmt.Errorf("kind is mandatory")
-	}
-
 	if err := validateResourceDescription(rd); err != nil {
 		return "match", err
 	}

diff --git a/pkg/engine/policy/validate_test.go b/pkg/engine/policy/validate_test.go
@@ -248,24 +248,25 @@ func Test_Validate_ResourceDescription_MatchedValid(t *testing.T) {
 	_, err = validateMatchedResourceDescription(rd)
 	assert.NilError(t, err)
 }
-func Test_Validate_ResourceDescription_MissingKindsOnMatched(t *testing.T) {
-	var err error
-	matchedResourcedescirption := []byte(`
-	{
-		"selector": {
-		   "matchLabels": {
-			  "app.type": "prod"
-		   }
-		}
-	 }`)
-
-	var rd kyverno.ResourceDescription
-	err = json.Unmarshal(matchedResourcedescirption, &rd)
-	assert.NilError(t, err)
 
-	_, err = validateMatchedResourceDescription(rd)
-	assert.Assert(t, err != nil)
-}
+//func Test_Validate_ResourceDescription_MissingKindsOnMatched(t *testing.T) {
+//	var err error
+//	matchedResourcedescirption := []byte(`
+//	{
+//		"selector": {
+//		   "matchLabels": {
+//			  "app.type": "prod"
+//		   }
+//		}
+//	 }`)
+//
+//	var rd kyverno.ResourceDescription
+//	err = json.Unmarshal(matchedResourcedescirption, &rd)
+//	assert.NilError(t, err)
+//
+//	_, err = validateMatchedResourceDescription(rd)
+//	assert.Assert(t, err != nil)
+//}
 
 func Test_Validate_ResourceDescription_MissingKindsOnExclude(t *testing.T) {
 	var err error

diff --git a/pkg/engine/utils.go b/pkg/engine/utils.go
@@ -31,8 +31,10 @@ func MatchesResourceDescription(resource unstructured.Unstructured, rule kyverno
 	matches := rule.MatchResources.ResourceDescription
 	exclude := rule.ExcludeResources.ResourceDescription
 
-	if !findKind(matches.Kinds, resource.GetKind()) {
-		return false
+	if len(matches.Kinds) > 0 {
+		if !findKind(matches.Kinds, resource.GetKind()) {
+			return false
+		}
 	}
 
 	name := resource.GetName()