kyverno/test/conformance/chainsaw/webhook-configurations/webhook-registeration/webhook.yaml

apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
  labels:
    webhook.kyverno.io/managed-by: kyverno
  name: kyverno-resource-validating-webhook-cfg
webhooks:
- failurePolicy: Ignore
  matchConditions:
  - expression: '!("system:nodes" in request.userInfo.groups)'
    name: exclude-requests-by-groups
  matchPolicy: Equivalent
  name: validate.kyverno.svc-ignore-finegrained-cpol-fine-grained-match-conditions-disallow-latest-image-tag-1
  rules:
  - apiGroups:
    - ""
    apiVersions:
    - v1
    operations:
    - CREATE
    - UPDATE
    - DELETE
    - CONNECT
    resources:
    - pods
    - pods/ephemeralcontainers
    scope: Namespaced
feat: add chainsaw test for policy webhook based configuration (#9645) * feat: add chainsaw test for policy webhook based configuration Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> --------- Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2024-02-06 20:05:45 +02:00			`apiVersion: admissionregistration.k8s.io/v1`
			`kind: ValidatingWebhookConfiguration`
			`metadata:`
			`labels:`
			`webhook.kyverno.io/managed-by: kyverno`
			`name: kyverno-resource-validating-webhook-cfg`
			`webhooks:`
			`- failurePolicy: Ignore`
			`matchConditions:`
			`- expression: '!("system:nodes" in request.userInfo.groups)'`
			`name: exclude-requests-by-groups`
			`matchPolicy: Equivalent`
			`name: validate.kyverno.svc-ignore-finegrained-cpol-fine-grained-match-conditions-disallow-latest-image-tag-1`
			`rules:`
			`- apiGroups:`
			`- ""`
			`apiVersions:`
			`- v1`
			`operations:`
			`- CREATE`
			`- UPDATE`
			`- DELETE`
			`- CONNECT`
			`resources:`
			`- pods`
			`- pods/ephemeralcontainers`
			`scope: Namespaced`