1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-05 07:26:55 +00:00
kyverno/charts/kyverno-policies/ci/test-values.yaml
Daniel Schunack 1e5282c707
[Feature] Add ability to get additional policies from restricted (#4416)
* Add includeRestrictedPolicies function
* Add Test Case

Signed-off-by: dschunack <dschunack@web.de>
2022-08-29 17:45:29 +00:00

31 lines
662 B
YAML

podSecurityStandard: restricted
includeOtherPolicies:
- require-non-root-groups
includeRestrictedPolicies:
- require-run-as-non-root-user
validationFailureActionByPolicy:
require-non-root-groups: enforce
validationFailureActionOverrides:
all:
- action: audit
namespaces:
- ingress-nginx
disallow-host-path:
- action: audit
namespaces:
- fluent
policyExclude:
disallow-host-path:
any:
- resources:
kinds:
- Pod
namespaces:
- fluent
require-non-root-groups:
any:
- resources:
kinds:
- Pod
namespaces:
- fluent