From fae9822de63f7060dba4d69b7cd00bdce4af689c Mon Sep 17 00:00:00 2001 From: Joseph Hanson Date: Tue, 22 Oct 2024 16:15:46 -0500 Subject: [PATCH] match on namespaces that have privileged-movers label -- not just default --- .../apps/kyverno/kyverno/policies/volsync-movers.yaml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/kubernetes/main/apps/kyverno/kyverno/policies/volsync-movers.yaml b/kubernetes/main/apps/kyverno/kyverno/policies/volsync-movers.yaml index 48491a225415..4f58e5e10398 100644 --- a/kubernetes/main/apps/kyverno/kyverno/policies/volsync-movers.yaml +++ b/kubernetes/main/apps/kyverno/kyverno/policies/volsync-movers.yaml @@ -14,13 +14,17 @@ spec: rules: - name: set-volsync-movers-custom-config match: - any: + all: - resources: kinds: ["batch/v1/Job"] - namespaces: ["default"] selector: matchLabels: app.kubernetes.io/created-by: volsync + - resources: + kinds: ["batch/v1/Job"] + namespaceSelector: + matchLabels: + volsync.backube/privileged-movers: "true" mutate: patchStrategicMerge: spec: