mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-06 16:06:56 +00:00
30 lines
1 KiB
YAML
30 lines
1 KiB
YAML
|
kind: Cluster
|
||
|
|
apiVersion: kind.x-k8s.io/v1alpha4
|
||
|
|
nodes:
|
||
|
|
- role: control-plane
|
||
|
|
kubeadmConfigPatches:
|
||
|
|
- |
|
||
|
|
kind: ClusterConfiguration
|
||
|
|
apiServer:
|
||
|
|
# enable auditing flags on the API server
|
||
|
|
extraArgs:
|
||
|
|
audit-log-path: /var/log/kubernetes/kube-apiserver-audit.log
|
||
|
|
audit-policy-file: /etc/kubernetes/policies/audit-policy.yaml
|
||
|
|
# mount new files / directories on the control plane
|
||
|
|
extraVolumes:
|
||
|
|
- name: audit-policies
|
||
|
|
hostPath: /etc/kubernetes/policies
|
||
|
|
mountPath: /etc/kubernetes/policies
|
||
|
|
readOnly: true
|
||
|
|
pathType: "DirectoryOrCreate"
|
||
|
|
- name: "audit-logs"
|
||
|
|
hostPath: "/var/log/kubernetes"
|
||
|
|
mountPath: "/var/log/kubernetes"
|
||
|
|
readOnly: false
|
||
|
|
pathType: DirectoryOrCreate
|
||
|
|
# mount the local file on the control plane
|
||
|
|
extraMounts:
|
||
|
|
- hostPath: ./scripts/config/kind/audit-policy.yaml
|
||
|
|
containerPath: /etc/kubernetes/policies/audit-policy.yaml
|
||
|
|
readOnly: true
|