mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-09 01:16:55 +00:00
Code Activity
kyverno/charts/kyverno-policies/values.yaml
treydock 3f1a0bfd6c
Allow setting validationFailureActionOverrides for policies (#3201) 
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
2022-02-09 16:24:35 +08:00

54 lines
1.4 KiB
YAML
Raw Blame History

# Supported- baseline/restricted/privileged/custom
# For more info- https://kyverno.io/policies/pod-security
podSecurityStandard: baseline
# Supported- low/medium/high
podSecuritySeverity: medium
# Policies to include when podSecurityStandard is custom
podSecurityPolicies: []
# Additional policies to include from "other"
# Example:
# includeOtherPolicies:
# - require-non-root-groups
includeOtherPolicies: []
# Supported values- `audit`, `enforce`
# For more info- https://kyverno.io/docs/writing-policies/validate/
validationFailureAction: audit
# Define validationFailureActionOverrides for specific policies.
# The overrides for 'all' will apply to all policies
# Eg:
# validationFailureActionOverrides:
# all:
# - action: audit
# namespaces:
# - ingress-nginx
# disallow-host-path:
# - action: audit
# namespaces:
# - fluent
validationFailureActionOverrides:
all: []
# Exclude resources from individual policies
# Eg:
# policyExclude:
# disallow-host-path:
# any:
# - resources:
# kinds:
# - Pod
# namespaces:
# - fluent
#
# Policies with multiple rules can have individual rules excluded:
# policyExclude:
# adding-capabilities-strict:
# any:
# - resources:
# kinds:
# - Pod
# namespaces:
# - kube-system
policyExclude: {}
nameOverride:
# -- Additional labels
customLabels: {}
View git blame Copy permalink