mirror of
https://github.com/argoproj/argo-cd
synced 2026-04-25 19:07:18 +00:00
d2231577c7
Healthchecks for several Policy types. Signed-off-by: Justin Kulikauskas <jkulikau@redhat.com>
68 lines
2 KiB
YAML
68 lines
2 KiB
YAML
apiVersion: policy.open-cluster-management.io/v1
|
|
kind: Policy
|
|
metadata:
|
|
generation: 2
|
|
name: argo-example
|
|
namespace: open-cluster-management-global-set
|
|
spec:
|
|
disabled: false
|
|
policy-templates:
|
|
- objectDefinition:
|
|
apiVersion: policy.open-cluster-management.io/v1
|
|
kind: ConfigurationPolicy
|
|
metadata:
|
|
name: example-namespace
|
|
spec:
|
|
object-templates:
|
|
- complianceType: musthave
|
|
objectDefinition:
|
|
apiVersion: v1
|
|
kind: Namespace
|
|
metadata:
|
|
name: example
|
|
remediationAction: inform
|
|
severity: low
|
|
- objectDefinition:
|
|
apiVersion: policy.open-cluster-management.io/v1
|
|
kind: ConfigurationPolicy
|
|
metadata:
|
|
name: example-pod
|
|
spec:
|
|
namespaceSelector:
|
|
exclude:
|
|
- kube-*
|
|
include:
|
|
- default
|
|
object-templates:
|
|
- complianceType: musthave
|
|
objectDefinition:
|
|
apiVersion: v1
|
|
kind: Pod
|
|
metadata:
|
|
name: foobar
|
|
spec:
|
|
containers:
|
|
- image: 'registry.redhat.io/rhel9/httpd-24:latest'
|
|
name: httpd
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
privileged: false
|
|
runAsNonRoot: true
|
|
remediationAction: inform
|
|
severity: low
|
|
remediationAction: inform
|
|
status:
|
|
compliant: NonCompliant
|
|
placement:
|
|
- placement: argo-example-placement
|
|
placementBinding: argo-example-placement
|
|
status:
|
|
- clustername: local-cluster
|
|
clusternamespace: local-cluster
|
|
compliant: NonCompliant
|
|
- clustername: managed
|
|
clusternamespace: managed
|
|
compliant: NonCompliant
|