kyverno/test/conformance/chainsaw/mutate/e2e/patchesjson6902-simple/policy.yaml

apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: add-image-as-env-var
  # env array needs to exist (least one env var is present)
spec:
  background: false
  schemaValidation: false
  rules:
  # One Pod
  - name: pod-containers-1-inject-image
    match:
      any:
      - resources:
          kinds:
          - Pod
    preconditions:
      all:
      - key: "{{request.object.spec.containers[] | length(@)}}"
        operator: GreaterThanOrEquals
        value: 1
    mutate:
      patchesJson6902: |-
        - op: add
          path: "/spec/containers/0/env/-"
          value: {"name":"K8S_IMAGE","value":"{{request.object.spec.containers[0].image}}"}        
  # Two or more Pods
  - name: pod-containers-2-inject-image
    match:
      any:
      - resources:
          kinds:
          - Pod
    preconditions:
      all:
      - key: "{{request.object.spec.containers[] | length(@)}}"
        operator: GreaterThanOrEquals
        value: 2
    mutate:
      patchesJson6902: |-
        - op: add
          path: "/spec/containers/1/env/-"
          value: {"name":"K8S_IMAGE","value":"{{request.object.spec.containers[1].image}}"}        
  # Deployment with one Pod
  - name: deploy-containers-1-inject-image
    match:
      any:
      - resources:
          kinds:
          - Deployment
    preconditions:
      all:
      - key: "{{request.object.spec.template.spec.containers[] | length(@)}}"
        operator: GreaterThanOrEquals
        value: 1
    mutate:
      patchesJson6902: |-
        - op: add
          path: "/spec/template/spec/containers/0/env/-"
          value: {"name":"K8S_IMAGE","value":"{{request.object.spec.template.spec.containers[0].image}}"}        
  # Deployment with two or more Pods
  - name: deploy-containers-2-inject-image
    match:
      any:
      - resources:
          kinds:
          - Deployment
    preconditions:
      all:
      - key: "{{request.object.spec.template.spec.containers[] | length(@)}}"
        operator: GreaterThanOrEquals
        value: 2
    mutate:
      patchesJson6902: |-
        - op: add
          path: "/spec/template/spec/containers/1/env/-"
          value: {"name":"K8S_IMAGE","value":"{{request.object.spec.template.spec.containers[1].image}}"}
chore: all chainsaw tests (#9011) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2023-11-24 11:17:58 +01:00			`apiVersion: kyverno.io/v1`
			`kind: ClusterPolicy`
			`metadata:`
			`name: add-image-as-env-var`
			`# env array needs to exist (least one env var is present)`
			`spec:`
			`background: false`
			`schemaValidation: false`
			`rules:`
			`# One Pod`
			`- name: pod-containers-1-inject-image`
			`match:`
			`any:`
			`- resources:`
			`kinds:`
			`- Pod`
			`preconditions:`
			`all:`
			`- key: "{{request.object.spec.containers[] \| length(@)}}"`
			`operator: GreaterThanOrEquals`
			`value: 1`
			`mutate:`
			`patchesJson6902: \|-`
			`- op: add`
			`path: "/spec/containers/0/env/-"`
			`value: {"name":"K8S_IMAGE","value":"{{request.object.spec.containers[0].image}}"}`
			`# Two or more Pods`
			`- name: pod-containers-2-inject-image`
			`match:`
			`any:`
			`- resources:`
			`kinds:`
			`- Pod`
			`preconditions:`
			`all:`
			`- key: "{{request.object.spec.containers[] \| length(@)}}"`
			`operator: GreaterThanOrEquals`
			`value: 2`
			`mutate:`
			`patchesJson6902: \|-`
			`- op: add`
			`path: "/spec/containers/1/env/-"`
			`value: {"name":"K8S_IMAGE","value":"{{request.object.spec.containers[1].image}}"}`
			`# Deployment with one Pod`
			`- name: deploy-containers-1-inject-image`
			`match:`
			`any:`
			`- resources:`
			`kinds:`
			`- Deployment`
			`preconditions:`
			`all:`
			`- key: "{{request.object.spec.template.spec.containers[] \| length(@)}}"`
			`operator: GreaterThanOrEquals`
			`value: 1`
			`mutate:`
			`patchesJson6902: \|-`
			`- op: add`
			`path: "/spec/template/spec/containers/0/env/-"`
			`value: {"name":"K8S_IMAGE","value":"{{request.object.spec.template.spec.containers[0].image}}"}`
			`# Deployment with two or more Pods`
			`- name: deploy-containers-2-inject-image`
			`match:`
			`any:`
			`- resources:`
			`kinds:`
			`- Deployment`
			`preconditions:`
			`all:`
			`- key: "{{request.object.spec.template.spec.containers[] \| length(@)}}"`
			`operator: GreaterThanOrEquals`
			`value: 2`
			`mutate:`
			`patchesJson6902: \|-`
			`- op: add`
			`path: "/spec/template/spec/containers/1/env/-"`
			`value: {"name":"K8S_IMAGE","value":"{{request.object.spec.template.spec.containers[1].image}}"}`