24 lines
590 B
YAML
24 lines
590 B
YAML
apiVersion: kyverno.io/v1
|
|
kind: ClusterPolicy
|
|
metadata:
|
|
name: auto-label-static
|
|
annotations:
|
|
policies.kyverno.io/title: Auto-label static applications
|
|
policies.kyverno.io/category: Best Practices
|
|
spec:
|
|
rules:
|
|
- name: add-security-labels
|
|
match:
|
|
resources:
|
|
kinds:
|
|
- Pod
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/part-of: "static-site"
|
|
mutate:
|
|
patchStrategicMerge:
|
|
metadata:
|
|
labels:
|
|
security.kyverno.io/nonsecure: "true"
|
|
app-type: "static"
|