cleanup example folder

examples/mutate/overlay/nginx.yaml

@@ -1,25 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: nginx-deployment
-  creationTimestamp: 
-  labels:
-    app: nginx
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: nginx
-  template:
-    metadata:
-      creationTimestamp: 
-      labels:
-        app: nginx
-    spec:
-      containers:
-      - name: nginx
-        image: nginx:latest
-        ports:
-        - containerPort: 80
-      - name: ghost
-        image: ghost:latest

examples/mutate/overlay/policy_imagePullPolicy.yaml

@@ -1,20 +0,0 @@
-apiVersion: kyverno.io/v1alpha1
-kind: Policy
-metadata:
-  name: set-image-pull-policy
-spec:
-  rules:
-  - name: set-image-pull-policy
-    match:
-      resources:
-        kinds:
-        - Deployment
-    mutate:
-      overlay:
-        spec:
-          template:
-            spec:
-              containers:
-                # if the image tag is latest, set the imagePullPolicy to Always
-                - (image): "*:latest"
-                  imagePullPolicy: "IfNotPresent"

examples/policy_generate_networkPolicy.yaml

@@ -1,7 +1,7 @@
 apiVersion: kyverno.io/v1alpha1
 kind: Policy
 metadata:
-  name: "default"
+  name: "deny-ingress-traffic"
 spec:
   rules:
   - name: "deny-ingress-traffic"
@@ -15,13 +15,14 @@ spec:
       name: deny-ingress-traffic
       data:
         spec:
+          podSelector: {}
           policyTypes: 
           - Ingress
+          ingress:
+          - from:
+            - podSelector:
+                matchLabels:
+                  role: frontend
         metadata:
           labels:
-            policyname: "default"
+            policyname: "default"
-      # kind: ConfigMap
-      # name: default-config
-      # clone:
-      #   namespace: default
-      #   name: config-template

examples/policy_mutate_endpoint.yaml

@@ -17,12 +17,6 @@ spec :
           - path : "/subsets/0/ports/0/port"
             op : replace
             value: 9663
-          - path : "/subsets/0"
+          - path : "/metadata/labels/isMutated"
             op: add
-            value:
+            value: "true"
-              addresses:
-              - ip: "192.168.10.172"
-              ports:
-              - name: load-balancer-connection
-                port: 80
-                protocol: UDP

examples/policy_mutate_imagePullPolicy.yaml

@@ -9,13 +9,9 @@ spec:
       resources:
         kinds:
         - Deployment
-    exclude:
+        selector:
-      resources:
+          matchLabels:
-       name: nginx-deployment1
+            app : nginxlatest
-       selector :
-        matchLabels:
-          app: nginx1
-       namespace: "default"
     mutate:
       overlay:
         spec:

examples/policy_mutate_validate_qos.yaml

@@ -10,6 +10,9 @@ spec:
         resources:
           kinds:
           - Deployment
+          selector :
+            matchLabels:
+              test: qos
       mutate:
         overlay:
           spec:
@@ -28,6 +31,9 @@ spec:
         resources:
           kinds:
           - Deployment
+          selector :
+            matchLabels:
+              test: qos
       validate:
         message: "Resource limits are required for CPU and memory"
         pattern:

examples/policy_validate_containerSecurityContext.yaml

@@ -24,4 +24,4 @@ spec:
                   allowPrivilegeEscalation: false
                   # fields can be customized
                   # privileged: false
-                  # readOnlyRootFilesystem: true
+                  # readOnlyRootFilesystem: true

examples/policy_validate_imageRegistries.yaml

@@ -10,7 +10,9 @@ spec:
         kinds:
         - Deployment
         - StatefulSet
-        namespace: default
+        selector:
+          matchLabels:
+            app: nirmata-nginx
     validate:
       message: "Registry is not allowed"
       pattern:

examples/policy_validate_nonRootUser.yaml

@@ -11,7 +11,7 @@ spec:
         - Deployment
         selector :
           matchLabels:
-            app.type: prod
+            test: psp
     validate:
       message: "security context 'runAsNonRoot' shoud be set to true"
       pattern:

examples/resource_mutate_imagePullPolicy.yaml

@@ -3,17 +3,16 @@ kind: Deployment
 metadata:
   name: nginx-deployment
   labels:
-    app: nginx
+    app: nginxlatest
-    cli: test
 spec:
   replicas: 1
   selector:
     matchLabels:
-      app: nginx
+      app: nginxlatest
   template:
     metadata:
       labels:
-        app: nginx
+        app: nginxlatest
     spec:
       containers:
       - name: nginx

examples/resource_mutate_validate_qos.yaml

@@ -2,6 +2,8 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: qos-demo
+  labels:
+    test: qos
 spec:
   replicas: 1
   selector:

examples/resource_validate_containerSecurityContext.yaml

@@ -1,7 +1,7 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: psp-demo-unprivileged
+  name: csc-demo-unprivileged
   labels:
     app.type: prod
 spec:
@@ -19,4 +19,4 @@ spec:
         image: nginxinc/nginx-unprivileged
         securityContext:
           runAsNonRoot: true
-          allowPrivilegeEscalation: true
+          allowPrivilegeEscalation: false

examples/resource_validate_imageRegistries.yaml

@@ -1,9 +1,9 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: nginx-deployment
+  name: nirmata-nginx
   labels:
-    app: nginx
+    app: nirmata-nginx
     cli: test
 spec:
   replicas: 1
@@ -16,6 +16,6 @@ spec:
         app: nginx
     spec:
       containers:
-      - name: nginx
+      - name: nirmata-nginx
         # image: nginx
         image: nirmata/nginx

examples/resource_validate_nonRootUser.yaml

@@ -3,16 +3,16 @@ kind: Deployment
 metadata:
   name: psp-demo-unprivileged
   labels:
-    app.type: prod
+    test: psp
 spec:
   replicas: 1
   selector:
     matchLabels:
-      app: psp
+      test: psp
   template:
     metadata:
       labels:
-        app: psp
+        test: psp
     spec:
       securityContext:
         runAsNonRoot: true