1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-31 03:45:17 +00:00
kyverno/examples/Validate/check_whitelist_registries.yaml

22 lines
527 B
YAML
Raw Normal View History

apiVersion : kyverno.io/v1alpha1
kind: Policy
metadata:
name: check-whitelist-registries
spec:
rules:
- name: check-whitelist-registries
resource:
2019-05-23 20:37:11 +03:00
kinds:
- Deployment
2019-05-23 20:37:11 +03:00
- StatefulSet
validate:
2019-05-23 20:37:11 +03:00
message: "Registry is not allowed"
pattern:
2019-05-23 20:37:11 +03:00
spec:
template:
spec:
containers:
- name: "*"
# Checks if the image path starts with "https://hub.docker.io/nirmata/*"
image: https://hub.docker.io/nirmata/*