Dreaded_X
4815b133a9
Some checks failed
kustomization/rook-ceph-cluster/3a682516 dependency not ready
kustomization/apps/3a682516 dependency not ready
kustomization/node-feature-discovery/3a682516 reconciliation succeeded
kustomization/kyverno/3a682516 reconciliation succeeded
kustomization/akri/3a682516 reconciliation succeeded
kustomization/kyverno-policies/3a682516 reconciliation succeeded
kustomization/node-feature-discovery-rules/3a682516 reconciliation succeeded
kustomization/flux-system/3a682516 reconciliation succeeded
kustomization/kube-vip/3a682516 reconciliation succeeded
kustomization/cert-manager/3a682516 reconciliation succeeded
kustomization/letsencrypt/3a682516 reconciliation succeeded
kustomization/topolvm/3a682516 reconciliation succeeded
kustomization/traefik/3a682516 reconciliation succeeded
kustomization/velero/3a682516 reconciliation succeeded
kustomization/cnpg/3a682516 reconciliation succeeded
kustomization/traefik-middleware/3a682516 reconciliation succeeded
kustomization/lldap/3a682516 reconciliation succeeded
kustomization/authelia/3a682516 reconciliation succeeded
kustomization/rook-ceph/3a682516 reconciliation failed
38 lines
1.1 KiB
YAML
38 lines
1.1 KiB
YAML
apiVersion: kyverno.io/v2beta1
|
|
kind: ClusterPolicy
|
|
metadata:
|
|
name: kube-vip-network-adapter
|
|
annotations:
|
|
pod-policies.kyverno.io/autogen-controllers: none
|
|
policies.kyverno.io/title: Kube VIP adapter label
|
|
policies.kyverno.io/category: Other
|
|
policies.kyverno.io/subject: Pod
|
|
kyverno.io/kyverno-version: 1.10.0
|
|
policies.kyverno.io/minversion: 1.10.0
|
|
kyverno.io/kubernetes-version: "1.26"
|
|
spec:
|
|
background: false
|
|
rules:
|
|
- name: add-network-adapter-annotation
|
|
match:
|
|
any:
|
|
- resources:
|
|
kinds:
|
|
- Pod/binding
|
|
names:
|
|
- kube-vip-*
|
|
context:
|
|
- name: node
|
|
variable:
|
|
jmesPath: request.object.target.name
|
|
default: ""
|
|
- name: adapter
|
|
apiCall:
|
|
urlPath: "/api/v1/nodes/{{node}}"
|
|
jmesPath: 'metadata.labels."feature.node.kubernetes.io/network-adapter" || "empty"'
|
|
mutate:
|
|
patchStrategicMerge:
|
|
metadata:
|
|
annotations:
|
|
feature.node.kubernetes.io/network-adapter: "{{ adapter }}"
|