diff --git a/kubernetes/main/apps/kyverno/kyverno/app/helmrelease.yaml b/kubernetes/main/apps/kyverno/kyverno/app/helmrelease.yaml index df043406e532..634bbef6d491 100644 --- a/kubernetes/main/apps/kyverno/kyverno/app/helmrelease.yaml +++ b/kubernetes/main/apps/kyverno/kyverno/app/helmrelease.yaml @@ -28,35 +28,29 @@ spec: grafana: enabled: true admissionController: - replicas: 3 - rbac: - clusterRole: - extraResources: - - apiGroups: - - "" - resources: - - pods - verbs: - - create - - update - - delete + clusterRole: + extraResources: + - apiGroups: + - '*' + resources: + - '*' + verbs: + - get + - list + - watch serviceMonitor: enabled: true backgroundController: - rbac: - clusterRole: - extraResources: - - apiGroups: - - "" - resources: - - pods - verbs: - - create - - update - - patch - - delete - - get - - list + clusterRole: + extraResources: + - apiGroups: + - '*' + resources: + - '*' + verbs: + - get + - list + - watch resources: requests: cpu: 100m @@ -64,9 +58,19 @@ spec: memory: 1Gi serviceMonitor: enabled: true - cleanupController: + reportsController: + clusterRole: + extraResources: + - apiGroups: + - '*' + resources: + - '*' + verbs: + - get + - list + - watch serviceMonitor: enabled: true - reportsController: + cleanupController: serviceMonitor: enabled: true diff --git a/kubernetes/main/apps/kyverno/kyverno/policies/volsync-movers.yaml b/kubernetes/main/apps/kyverno/kyverno/policies/volsync-movers.yaml index 303fb1c1c60b..3ff28f136dce 100644 --- a/kubernetes/main/apps/kyverno/kyverno/policies/volsync-movers.yaml +++ b/kubernetes/main/apps/kyverno/kyverno/policies/volsync-movers.yaml @@ -8,7 +8,6 @@ metadata: policies.kyverno.io/title: Mutate Volsync mover jobs policies.kyverno.io/subject: Pod spec: - generateExistingOnPolicyUpdate: true rules: - name: mutate-volsync-src-movers match: