From 74387e8adf3b3a621d73b5ea712e35cc0296c861 Mon Sep 17 00:00:00 2001
From: Ved Ratan <ved.ratan@nirmata.com>
Date: Fri, 9 Aug 2024 19:11:00 +0530
Subject: [PATCH] chore: excluded jobs and cronjobs

Signed-off-by: Ved Ratan <ved.ratan@nirmata.com>
---
 .../pols/restrict-automount-sa-token.yaml     | 22 +++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/charts/rbac-best-practices/pols/restrict-automount-sa-token.yaml b/charts/rbac-best-practices/pols/restrict-automount-sa-token.yaml
index 3bd2af54..a7e557f4 100644
--- a/charts/rbac-best-practices/pols/restrict-automount-sa-token.yaml
+++ b/charts/rbac-best-practices/pols/restrict-automount-sa-token.yaml
@@ -73,13 +73,31 @@ spec:
           - Pod
           selector:
             matchLabels:
-              batch.kubernetes.io/job-name: "kyverno-cleanup-admission-reports-*"   
+              job-name: "kyverno-cleanup-admission-reports-*"   
       - resources:
           kinds:
           - Pod
           selector:
             matchLabels:
-              batch.kubernetes.io/job-name=kyverno: "cleanup-cluster-admission-reports-*" 
+              job-name: "kyverno-cleanup-cluster-admission-reports-*" 
+      - resources:
+          kinds:
+          - Pod
+          selector:
+            matchLabels:
+              job-name: "kyverno-cleanup-ephemeral-reports-*" 
+      - resources:
+          kinds:
+          - Pod
+          selector:
+            matchLabels:
+              job-name: "kyverno-cleanup-cluster-ephemeral-reports-*" 
+      - resources:
+          kinds:
+          - Pod
+          selector:
+            matchLabels:
+              job-name: "kyverno-cleanup-update-requests-*" 
     preconditions:
       all:
       - key: "{{ request.\"object\".metadata.labels.\"app.kubernetes.io/part-of\" || '' }}"