apiVersion : kyverno.io/v1
kind : ClusterPolicy
metadata :
  name : policy-cm
spec :
  rules:
    - name: pCM1
      match:
        resources:
          kinds :
          - ConfigMap
          name: "game-config"
      mutate:
        overlay:
          data:
            char.properties:
              Name=Ellen Ripley
              Race=human
        patches:
        - path: "/data/ship.properties"
          op: add
          value: |
            type=starship
            owner=utany.corp
        - path : "/data/newKey"
          op : add
          value : newValue
    - name: pCM2
      match:
        resources:
          kinds :
          - ConfigMap
          name: "game-config"
      mutate:
        patches:
        - path : "/data/secretData"
          op : remove
        - path : "/data/secretDatatoreplace"
          op : replace
          value : "data is replaced"
    - name: pCM3
      match:
        resources:
          kinds :
          - ConfigMap
          name: "game-config"
      mutate:
        patches:
        - path : "/data/secretData"
          op : add
          value : newData
      validate:
        message: "There is only one enemy"
        pattern:
          data:
            game.properties: "*enemies=aliens*"
    - name: pCM4
      match:
        resources:
          kinds :
          - ConfigMap
          name: "game-config"
      validate:
        message: "This CM data is broken because it does not have ui.properties"
        pattern:
          data:
            ui.properties: "*"