1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
kyverno/charts/kyverno-policies
shuting 3c48fd9c81
release v1.5.3-rc1 (#2919)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-01-06 18:35:36 +08:00
..
templates Switch Helm CRDs back to kyverno chart and move Policies to dedicated chart (#2357) 2021-09-22 13:56:10 -07:00
Chart.yaml release v1.5.3-rc1 (#2919) 2022-01-06 18:35:36 +08:00
README.md Switch Helm CRDs back to kyverno chart and move Policies to dedicated chart (#2357) 2021-09-22 13:56:10 -07:00
values.yaml Switch Helm CRDs back to kyverno chart and move Policies to dedicated chart (#2357) 2021-09-22 13:56:10 -07:00

Kyverno Policies

TL;DR

## Add the Kyverno Helm repository
$ helm repo add kyverno https://kyverno.github.io/kyverno/

## Install the Kyverno Policies Helm chart
$ helm install kyverno-policies --namespace kyverno kyverno/kyverno-policies

Uninstalling the Chart

To uninstall/delete the kyverno-policies chart:

$ helm delete -n kyverno kyverno-policies

The command removes all the Kubernetes components associated with the chart and deletes the release.

Configuration

The following table lists the configurable parameters of the kyverno chart and their default values.

Parameter Description Default
podSecurityStandard set desired pod security level privileged, baseline, restricted, custom. Set to restricted for maximum security for your cluster. See: https://kyverno.io/policies/pod-security/ baseline
podSecuritySeverity set desired pod security severity low, medium, high. Used severity level in PolicyReportResults for the selected pod security policies. medium
podSecurityPolicies Policies to include when podSecurityStandard is set to custom []
validationFailureAction set to get response in failed validation check. Supported values are audit and enforce. See: https://kyverno.io/docs/writing-policies/validate/ audit

Specify each parameter using the --set key=value[,key=value] argument to helm install. For example,

$ helm install --namespace kyverno kyverno-policies ./charts/kyverno-policies \
  --set=podSecurityStandard=restricted,validationFailureAction=enforce

Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example,

$ helm install --namespace kyverno kyverno-policies ./charts/kyverno-policies -f values.yaml

Tip: You can use the default values.yaml