fix 5151 issue (#5170)

cmd/cli/kubectl-kyverno/utils/common/common.go

@@ -468,16 +468,6 @@ OuterLoop:
 		}
 	}
 
-	if c.Resource.GetKind() == "Pod" && len(c.Resource.GetOwnerReferences()) > 0 {
-		if c.Policy.HasAutoGenAnnotation() {
-			annotations := c.Policy.GetAnnotations()
-			if _, ok := annotations[kyvernov1.PodControllersAnnotation]; ok {
-				delete(annotations, kyvernov1.PodControllersAnnotation)
-				c.Policy.SetAnnotations(annotations)
-			}
-		}
-	}
-
 	var policyHasValidate bool
 	for _, rule := range autogen.ComputeRules(c.Policy) {
 		if rule.HasValidate() || rule.HasImagesValidationChecks() {

test/cli/test/owner_references/kyverno-test.yaml

@@ -0,0 +1,21 @@
+name: pod-probes
+policies:
+- policy.yaml
+resources:
+- resource.yaml
+results:
+- policy: require-pod-probes
+  rule: require-pod-probes
+  resource: pod-fail
+  kind: Pod
+  result: fail
+- policy: require-pod-probes
+  rule: require-pod-probes
+  resource: deployment-skip
+  kind: Deployment
+  result: skip
+- policy: require-pod-probes
+  rule: require-pod-probes
+  resource: cronjob-skip
+  kind: CronJob
+  result: skip

test/cli/test/owner_references/policy.yaml

@@ -0,0 +1,30 @@
+---
+apiVersion: kyverno.io/v1
+kind: ClusterPolicy
+metadata:
+  name: require-pod-probes
+  annotations:
+    pod-policies.kyverno.io/autogen-controllers: DaemonSet,StatefulSet
+    policies.kyverno.io/title: Require Pod Probes
+    policies.kyverno.io/category: Best Practices
+    policies.kyverno.io/severity: medium
+    policies.kyverno.io/subject: Pod
+spec:
+  validationFailureAction: enforce
+  background: true
+  rules:
+  - name: require-pod-probes
+    match: 
+      any:
+      - resources:
+          kinds:
+          - Pod
+    validate:
+      message: "Liveness and readiness probes are required."
+      pattern:
+        spec:
+          containers:
+          - livenessProbe:
+              periodSeconds: ">0"
+            readinessProbe:
+              periodSeconds: ">0"

test/cli/test/owner_references/resource.yaml

@@ -0,0 +1,48 @@
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  name: pod-fail
+  ownerReferences:
+  - apiVersion: apps/v1
+    kind: Deployment
+    name: xyz
+spec:
+  containers:
+  - name: test-probes
+    image: k8s.gcr.io/liveness
+    args:
+    - /server
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: deployment-skip
+spec:
+  template:
+    spec:
+      containers:
+      - name: test-probes
+        image: k8s.gcr.io/liveness
+        args:
+        - /server
+---
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: cronjob-skip
+spec:
+  schedule: "* * * * *"
+  jobTemplate:
+    spec:
+      template:
+        spec:
+          containers:
+          - name: hello
+            image: busybox
+            imagePullPolicy: IfNotPresent
+            command:
+            - /bin/sh
+            - -c
+            - date; echo Hello from the Kubernetes cluster
+          restartPolicy: OnFailure