1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-16 04:28:42 +00:00
kyverno/documentation/writing-policies-generate.md

50 lines
1.5 KiB
Markdown
Raw Normal View History

2019-05-21 15:56:01 -07:00
<small>*[documentation](/README.md#documentation) / [Writing Policies](/documentation/writing-policies.md) / Generate*</small>
2019-05-21 15:50:36 -07:00
2019-05-21 15:56:01 -07:00
# Generate Configurations
2019-05-21 15:50:36 -07:00
2019-05-22 18:14:10 +03:00
```generatate``` feature can be applied to created namespaces to create new resources in them. This feature is useful when every namespace in a cluster must contain some basic required resources. The feature is available for policy rules in which the resource kind is Namespace.
2019-05-21 15:50:36 -07:00
2019-05-22 18:14:10 +03:00
## Example
2019-05-21 15:50:36 -07:00
2019-05-22 18:14:10 +03:00
````yaml
apiVersion : kyverno.io/v1alpha1
kind : Policy
metadata :
name : basic-policy
spec :
rules:
- name: "Basic confog generator for all namespaces"
resource:
kind: Namespace
generate:
# For now the next kinds are supported:
# ConfigMap
# Secret
- kind: ConfigMap
name: default-config
copyFrom:
namespace: default
name: config-template
data:
DB_ENDPOINT: mongodb://mydomain.ua/db_stage:27017
labels:
purpose: mongo
- kind: Secret
name: mongo-creds
data:
DB_USER: YWJyYWthZGFicmE=
DB_PASSWORD: YXBwc3dvcmQ=
labels:
purpose: mongo
````
In this example, when this policy is applied, any new namespace will receive 2 new resources after its creation:
* ConfigMap copied from default/config-template with added value DB_ENDPOINT.
* Secret with values DB_USER and DB_PASSWORD.
2019-05-22 18:15:35 +03:00
2019-05-22 18:14:10 +03:00
Both resources will contain a label ```purpose: mongo```
2019-05-21 15:50:36 -07:00
---
2019-05-21 15:56:01 -07:00
<small>*Read Next >> [Testing Policies](/documentation/testing-policies.md)*</small>
2019-05-21 15:50:36 -07:00