mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-10 18:06:55 +00:00
Code Activity
kyverno/test/cli/test-validating-admission-policy/with-bindings-3/policy.yaml

35 lines
762 B
YAML
Raw Normal View History

feat: apply VAP bindings in CLI apply command in offline mode (#9751) * feat: apply VAP bindings in CLI apply command in offline mode Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix lint Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix chainsaw tests Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> --------- Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-02-21 09:52:25 +02:00
apiVersion: admissionregistration.k8s.io/v1beta1
kind: ValidatingAdmissionPolicy
metadata:
name: "check-deployment-replicas"
spec:
matchConstraints:
resourceRules:
- apiGroups:
- apps
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- deployments
validations:
- expression: object.spec.replicas <= 2
---
apiVersion: admissionregistration.k8s.io/v1beta1
kind: ValidatingAdmissionPolicyBinding
metadata:
name: "check-deployment-replicas-binding"
spec:
policyName: "check-deployment-replicas"
validationActions: [Deny]
matchResources:
namespaceSelector:
matchExpressions:
- key: environment
operator: In
values:
- staging
- production
Copy permalink