pub/kyverno-2026-example
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f980b651d9f855c1b83f7cc2e6374b7a487b6438
kyverno-2026-example/06-monitoring/02-debugging/test-pols/policy-require-limits.yaml
T
vasyansk f980b651d9 fix foreach
2026-05-19 17:16:39 +07:00

29 lines
856 B
YAML
Raw Blame History

apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
name: require-resource-limits-demo
annotations:
policies.kyverno.io/title: "DEMO: Требовать resources.limits"
policies.kyverno.io/description: >-
Демонстрационная политика для урока 6.2.
Проверяет, что у всех контейнеров заданы CPU и memory limits.
spec:
validationFailureAction: Audit
background: true
rules:
- name: check-container-limits
match:
any:
- resources:
kinds:
- Pod
validate:
message: "All containers must have resources.limits.cpu and resources.limits.memory."
foreach:
- list: "request.object.spec.containers"
pattern:
resources:
limits:
cpu: "?*"
memory: "?*"
Reference in New Issue View Git Blame Copy Permalink