kyverno/examples/Validate/check_whitelist_registries.yaml

apiVersion : kyverno.io/v1alpha1
kind: Policy
metadata:
  name: check-whitelist-registries
spec:
  rules:
  - name: check-whitelist-registries
    resource:
      kinds:
      - Deployment
      - StatefulSet
    validate:
      message: "Registry is not allowed"
      pattern:
        spec:
          template:
            spec:
              containers:
              - name: "*"
                # Checks if the image path starts with "https://hub.docker.io/nirmata/*"
                image: https://hub.docker.io/nirmata/*
update apiVersion in policy for examples 2019-05-22 17:29:26 -07:00			`apiVersion : kyverno.io/v1alpha1`
- move prior examples to 'test' and add new validation examples 2019-05-17 14:18:10 -07:00			`kind: Policy`
			`metadata:`
			`name: check-whitelist-registries`
			`spec:`
			`rules:`
			`- name: check-whitelist-registries`
			`resource:`
Updated examples 2019-05-23 20:37:11 +03:00			`kinds:`
support list of kind in resource, update the CRD openapischema & adapt the test and examples for the change 2019-05-21 15:43:43 -07:00			`- Deployment`
Updated examples 2019-05-23 20:37:11 +03:00			`- StatefulSet`
- move prior examples to 'test' and add new validation examples 2019-05-17 14:18:10 -07:00			`validate:`
Updated examples 2019-05-23 20:37:11 +03:00			`message: "Registry is not allowed"`
- move prior examples to 'test' and add new validation examples 2019-05-17 14:18:10 -07:00			`pattern:`
Updated examples 2019-05-23 20:37:11 +03:00			`spec:`
			`template:`
			`spec:`
			`containers:`
			`- name: "*"`
			`# Checks if the image path starts with "https://hub.docker.io/nirmata/*"`
			`image: https://hub.docker.io/nirmata/*`