mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-06 16:06:56 +00:00
36 lines
No EOL
1 KiB
YAML
36 lines
No EOL
1 KiB
YAML
apiVersion: policy.nirmata.io/v1alpha1
|
|
kind: Policy
|
|
metadata:
|
|
name: check-cpu-memory
|
|
spec:
|
|
rules:
|
|
- name: check-defined
|
|
resource:
|
|
kind: Deployment
|
|
validate:
|
|
message: "Resource requests and limits are required for CPU and memory"
|
|
pattern:
|
|
spec:
|
|
containers:
|
|
- name: "*"
|
|
resources:
|
|
limits:
|
|
memory: "?"
|
|
cpu: "?"
|
|
requests:
|
|
memory: "?"
|
|
cpu: "?"
|
|
- name: check-memory-in-range
|
|
resource:
|
|
kind: Deployment
|
|
validate:
|
|
message: "Memory request cannot be greater than 10Gi"
|
|
pattern:
|
|
spec:
|
|
containers:
|
|
- name: "*"
|
|
resources:
|
|
requests:
|
|
# If the value contains logical operator, the integer after it will be checked. No numeric characters will be a part of pattern.
|
|
# The OR operator can combine the patterns with logical expressions and text patterns.
|
|
memory: "<10Gi|<1024Mi" |