44 lines
1.2 KiB
YAML
44 lines
1.2 KiB
YAML
apiVersion: kyverno.io/v1
|
|
kind: ClusterPolicy
|
|
metadata:
|
|
name: restart-deployment-on-secret-change
|
|
annotations:
|
|
policies.kyverno.io/title: Restart Deployment On Secret Change
|
|
policies.kyverno.io/category: Other
|
|
policies.kyverno.io/severity: medium
|
|
policies.kyverno.io/subject: Deployment
|
|
kyverno.io/kyverno-version: 1.7.0
|
|
policies.kyverno.io/minversion: 1.7.0
|
|
kyverno.io/kubernetes-version: "1.23"
|
|
spec:
|
|
mutateExistingOnPolicyUpdate: false
|
|
rules:
|
|
- name: update-secret
|
|
skipBackgroundRequests: false
|
|
match:
|
|
any:
|
|
- resources:
|
|
kinds:
|
|
- Secret
|
|
names:
|
|
- authelia-acl
|
|
namespaces:
|
|
- authelia
|
|
preconditions:
|
|
all:
|
|
- key: "{{request.operation || 'BACKGROUND'}}"
|
|
operator: Equals
|
|
value: UPDATE
|
|
mutate:
|
|
targets:
|
|
- apiVersion: apps/v1
|
|
kind: Deployment
|
|
name: authelia
|
|
namespace: authelia
|
|
patchStrategicMerge:
|
|
spec:
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
config.huizinga.dev/triggerRestart: "{{request.object.metadata.resourceVersion}}"
|