From 1eb3a02ab5a8cdd8187e0402e5c9343fec883b4e Mon Sep 17 00:00:00 2001 From: Joseph Hanson Date: Tue, 29 Oct 2024 09:41:40 -0500 Subject: [PATCH] add dst and re-arrange --- .../kyverno/policies/volsync-movers.yaml | 47 ++++++++++++++----- 1 file changed, 35 insertions(+), 12 deletions(-) diff --git a/kubernetes/apps/kyverno/kyverno/policies/volsync-movers.yaml b/kubernetes/apps/kyverno/kyverno/policies/volsync-movers.yaml index 7ad375d6..0e3771ba 100644 --- a/kubernetes/apps/kyverno/kyverno/policies/volsync-movers.yaml +++ b/kubernetes/apps/kyverno/kyverno/policies/volsync-movers.yaml @@ -11,20 +11,17 @@ metadata: policies.kyverno.io/subject: Pod spec: rules: - - name: set-volsync-movers-custom-config + - name: mutate-volsync-src-movers match: - resources: - kinds: ["batch/v1/Job"] - selector: - matchLabels: - app.kubernetes.io/created-by: volsync - namespaceSelector: - matchLabels: - volsync.backube/privileged-movers: "true" + any: + - resources: + kinds: ["batch/v1/Job"] + names: ["volsync-src-*"] + namespaces: ["*"] + selector: + matchLabels: + app.kubernetes.io/created-by: volsync mutate: - targets: - - apiVersion: batch/v1 - kind: Job patchStrategicMerge: spec: podReplacementPolicy: Failed @@ -40,6 +37,7 @@ spec: initContainers: - name: jitter image: docker.io/library/busybox:latest + imagePullPolicy: IfNotPresent command: ['sh', '-c', 'sleep $(shuf -i 0-60 -n 1)'] containers: - name: restic @@ -51,3 +49,28 @@ spec: nfs: server: shadowfax.jahanson.tech path: /nahar/volsync + - name: mutate-volsync-dst-movers + match: + any: + - resources: + kinds: ["batch/v1/Job"] + names: ["volsync-dst-*"] + namespaces: ["*"] + selector: + matchLabels: + app.kubernetes.io/created-by: volsync + mutate: + patchStrategicMerge: + spec: + template: + spec: + containers: + - name: restic + volumeMounts: + - name: repository + mountPath: /repository + volumes: + - name: repository + nfs: + server: shadowfax.jahanson.tech + path: /nahar/volsync