Skip to content

Commit

Permalink
chore: excluded jobs and cronjobs
Browse files Browse the repository at this point in the history 
Signed-off-by: Ved Ratan <[email protected]>
  • Loading branch information
@VedRatan
VedRatan committed Aug 9, 2024
1 parent 459b449 commit 74387e8
Showing 1 changed file with 20 additions and 2 deletions.
22 changes: 20 additions & 2 deletions charts/rbac-best-practices/pols/restrict-automount-sa-token.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,13 +73,31 @@ spec:
- Pod
selector:
matchLabels:
batch.kubernetes.io/job-name: "kyverno-cleanup-admission-reports-*"
job-name: "kyverno-cleanup-admission-reports-*"
- resources:
kinds:
- Pod
selector:
matchLabels:
batch.kubernetes.io/job-name=kyverno: "cleanup-cluster-admission-reports-*"
job-name: "kyverno-cleanup-cluster-admission-reports-*"
- resources:
kinds:
- Pod
selector:
matchLabels:
job-name: "kyverno-cleanup-ephemeral-reports-*"
- resources:
kinds:
- Pod
selector:
matchLabels:
job-name: "kyverno-cleanup-cluster-ephemeral-reports-*"
- resources:
kinds:
- Pod
selector:
matchLabels:
job-name: "kyverno-cleanup-update-requests-*"
preconditions:
all:
- key: "{{ request.\"object\".metadata.labels.\"app.kubernetes.io/part-of\" || '' }}"
Expand Down

0 comments on commit 74387e8

Please sign in to comment.