mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
Code Activity

fix: add conversion function in Helm template (#11651)

Browse source 
* fix: add conversion function in Helm template

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: retain object as is

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: json format

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: code-gen

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
This commit is contained in:
shuting 2024-11-25 23:10:23 +08:00 committed by GitHub
parent cf5a5b12ae
commit 70b666e53c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 22 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
charts/kyverno/templates/config/_helpers.tpl
View file

@ -56,12 +56,27 @@
{{- define "kyverno.config.webhooks" -}}
{{- $excludeDefault := dict "key" "kubernetes.io/metadata.name" "operator" "NotIn" "values" (list (include "kyverno.namespace" .)) }}
{{- $webhook := .Values.config.webhooks }}
{{- $namespaceSelector := default dict $webhook.namespaceSelector }}
{{- $matchExpressions := default list $namespaceSelector.matchExpressions }}
{{- $newNamespaceSelector := dict "matchLabels" $namespaceSelector.matchLabels "matchExpressions" (append $matchExpressions $excludeDefault) }}
{{- $newWebhook := merge (omit $webhook "namespaceSelector") (dict "namespaceSelector" $newNamespaceSelector) }}
{{- $newWebhook | toJson }}
{{- $webhooks := .Values.config.webhooks -}}
{{- if $webhooks | typeIs "slice" -}}
{{- $newWebhooks := dict -}}
{{- range $index, $webhook := $webhooks -}}
{{- if $webhook.namespaceSelector -}}
{{- $namespaceSelector := $webhook.namespaceSelector }}
{{- $matchExpressions := default (list) $namespaceSelector.matchExpressions }}
{{- $newNamespaceSelector := dict "matchLabels" $namespaceSelector.matchLabels "matchExpressions" (append $matchExpressions $excludeDefault) }}
{{- $newWebhook := merge (omit $webhook "namespaceSelector") (dict "namespaceSelector" $newNamespaceSelector) }}
{{- $newWebhooks = merge $newWebhooks (dict $webhook.name $newWebhook) }}
{{- end -}}
{{- end -}}
{{- $newWebhooks | toJson | nindent 2 }}
{{- else -}}
{{- $webhook := $webhooks }}
{{- $namespaceSelector := default (dict) $webhook.namespaceSelector }}
{{- $matchExpressions := default (list) $namespaceSelector.matchExpressions }}
{{- $newNamespaceSelector := dict "matchLabels" $namespaceSelector.matchLabels "matchExpressions" (append $matchExpressions $excludeDefault) }}
{{- $newWebhook := merge (omit $webhook "namespaceSelector") (dict "namespaceSelector" $newNamespaceSelector) }}
{{- $newWebhook | toJson | nindent 2 }}
{{- end -}}
{{- end -}}
{{- define "kyverno.config.imagePullSecret" -}}

2
config/install-latest-testing.yaml
View file

@ -175,7 +175,7 @@ data:
[Secret,kyverno,kyverno-svc.kyverno.svc.*]
[Secret,kyverno,kyverno-cleanup-controller.kyverno.svc.*]
updateRequestThreshold: "1000"
webhooks: "{\"namespaceSelector\":{\"matchExpressions\":[{\"key\":\"kubernetes.io/metadata.name\",\"operator\":\"NotIn\",\"values\":[\"kube-system\"]},{\"key\":\"kubernetes.io/metadata.name\",\"operator\":\"NotIn\",\"values\":[\"kyverno\"]}],\"matchLabels\":null}}"
webhooks: "\n {\"namespaceSelector\":{\"matchExpressions\":[{\"key\":\"kubernetes.io/metadata.name\",\"operator\":\"NotIn\",\"values\":[\"kube-system\"]},{\"key\":\"kubernetes.io/metadata.name\",\"operator\":\"NotIn\",\"values\":[\"kyverno\"]}],\"matchLabels\":null}}"
webhookAnnotations: "{\"admissions.enforcer/disabled\":\"true\"}"
---
apiVersion: v1