github.com/Racer159/jackal@v0.32.7-0.20240401174413-0bd2339e4f2e/examples/big-bang/config/kyverno.yaml

github.com/Racer159/jackal@v0.32.7-0.20240401174413-0bd2339e4f2e/examples/big-bang/config/kyverno.yaml (about)

     1  # Use Kyverno instead of Gatekeeper
     2  gatekeeper:
     3    enabled: false
     4  clusterAuditor:
     5    enabled: false
     6  kyverno:
     7    enabled: true
     8  kyvernoPolicies:
     9    enabled: true
    10    values:
    11      policies:
    12        disallow-shared-subpath-volume-writes:
    13          validationFailureAction: audit
    14        restrict-host-ports:
    15          validationFailureAction: audit
    16        restrict-capabilities:
    17          validationFailureAction: audit
    18        restrict-image-registries:
    19          validationFailureAction: audit
    20        disallow-host-namespaces:
    21          validationFailureAction: audit
    22        disallow-privileged-containers:
    23          validationFailureAction: audit
    24        require-non-root-user:
    25          validationFailureAction: audit
    26        restrict-host-path-mount-pv:
    27          validationFailureAction: audit