mirrors/policy-reporter
1
0
Fork 0
mirror of https://github.com/kyverno/policy-reporter.git synced 2024-12-14 11:57:32 +00:00
Code Activity
policy-reporter/manifest/violations-email-report/cronjob.yaml
Frank Jogeleit 03626fd198 prepare release v24.0.1 
Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de>
2024-07-19 07:51:57 +02:00

63 lines
1.9 KiB
YAML
Raw Blame History

apiVersion: batch/v1
kind: CronJob
metadata:
name: policy-reporter-summary-report
namespace: policy-reporter
labels:
app.kubernetes.io/name: policy-reporter
app.kubernetes.io/part-of: policy-reporter
spec:
schedule: "* * * * *"
jobTemplate:
spec:
activeDeadlineSeconds: 300
backoffLimit: 1
ttlSecondsAfterFinished: 60
template:
metadata:
labels:
app.kubernetes.io/name: policy-reporter
app.kubernetes.io/part-of: policy-reporter
spec:
serviceAccountName: policy-reporter
automountServiceAccountToken: true
securityContext:
fsGroup: 1234
restartPolicy: Never
containers:
- name: policy-reporter
image: "ghcr.io/kyverno/policy-reporter:2.20.1"
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1234
seccompProfile:
type: RuntimeDefault
command:
- /app/policyreporter
- send
- violations
args:
- --config=/app/config.yaml
- --template-dir=/app/templates
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
volumeMounts:
- name: config-file
mountPath: /app/config.yaml
subPath: config.yaml
readOnly: true
volumes:
- name: config-file
secret:
secretName: policy-reporter-config-email-reports
optional: true
View git blame Copy permalink