kyverno/charts/kyverno-policies/ci/test-preconditions-values.yaml

podSecurityStandard: restricted
includeOtherPolicies:
- require-non-root-groups
policyPreconditions:
  require-run-as-non-root-user:
    all:
    - key: "{{ request.object.metadata.name }}"
      operator: NotEquals
      value: "dcgm-exporter*"
  require-drop-all:
    any:
    - key: "{{ request.object.metadata.name }}"
      operator: NotEquals
      value: "dcgm-exporter*"
  disallow-capabilities:
    all:
    - key: "{{ request.object.metadata.name }}"
      operator: NotEquals
      value: "dcgm-exporter*"
  adding-capabilities-strict:
    all:
    - key: "{{ request.object.metadata.name }}"
      operator: NotEquals
      value: "dcgm-exporter*"
  restrict-volume-types:
    all:
    - key: "{{ request.object.metadata.name }}"
      operator: NotEquals
      value: "dcgm-exporter*"
Allow kyverno-policies to have preconditions defined (#3606) * Allow kyverno-policies to have preconditions defined Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Fix docs Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> 2022-04-18 13:59:47 -04:00			`podSecurityStandard: restricted`
			`includeOtherPolicies:`
			`- require-non-root-groups`
			`policyPreconditions:`
			`require-run-as-non-root-user:`
Cherry-pick release-1.6 Helm changes (#3689) * Support releasing kyverno and kyverno-policies chart separately (#3672) Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Add DELETE precondition back (#3657) * Add DELETE precondition back Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Add another example and test for 'any' Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> Co-authored-by: shuting <shuting@nirmata.com> 2022-04-26 23:52:45 -04:00			`all:`
			`- key: "{{ request.object.metadata.name }}"`
			`operator: NotEquals`
			`value: "dcgm-exporter*"`
			`require-drop-all:`
Allow kyverno-policies to have preconditions defined (#3606) * Allow kyverno-policies to have preconditions defined Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Fix docs Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> 2022-04-18 13:59:47 -04:00			`any:`
			`- key: "{{ request.object.metadata.name }}"`
			`operator: NotEquals`
			`value: "dcgm-exporter*"`
fix(policy chart): Skip DELETE requests on policies using deny statements (#7883) Fixes #7456 Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> Co-authored-by: shuting <shuting@nirmata.com> 2023-07-24 10:29:35 -04:00			`disallow-capabilities:`
			`all:`
			`- key: "{{ request.object.metadata.name }}"`
			`operator: NotEquals`
			`value: "dcgm-exporter*"`
Allow kyverno-policies to have preconditions defined (#3606) * Allow kyverno-policies to have preconditions defined Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Fix docs Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> 2022-04-18 13:59:47 -04:00			`adding-capabilities-strict:`
Cherry-pick release-1.6 Helm changes (#3689) * Support releasing kyverno and kyverno-policies chart separately (#3672) Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Add DELETE precondition back (#3657) * Add DELETE precondition back Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Add another example and test for 'any' Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> Co-authored-by: shuting <shuting@nirmata.com> 2022-04-26 23:52:45 -04:00			`all:`
Allow kyverno-policies to have preconditions defined (#3606) * Allow kyverno-policies to have preconditions defined Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Fix docs Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> 2022-04-18 13:59:47 -04:00			`- key: "{{ request.object.metadata.name }}"`
			`operator: NotEquals`
			`value: "dcgm-exporter*"`
fix(policy chart): Skip DELETE requests on policies using deny statements (#7883) Fixes #7456 Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> Co-authored-by: shuting <shuting@nirmata.com> 2023-07-24 10:29:35 -04:00			`restrict-volume-types:`
			`all:`
			`- key: "{{ request.object.metadata.name }}"`
			`operator: NotEquals`
			`value: "dcgm-exporter*"`