From a070f8381bfa352d9b5a76a247bdec13dfb67a96 Mon Sep 17 00:00:00 2001
From: Joseph Hanson <joe@veri.dev>
Date: Tue, 22 Oct 2024 16:12:35 -0500
Subject: [PATCH] include other namespaces that include the privileged-movers
 label

---
 .../apps/kyverno/kyverno/policies/volsync-movers.yaml     | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/kubernetes/apps/kyverno/kyverno/policies/volsync-movers.yaml b/kubernetes/apps/kyverno/kyverno/policies/volsync-movers.yaml
index f238310b..6cfb9e9f 100644
--- a/kubernetes/apps/kyverno/kyverno/policies/volsync-movers.yaml
+++ b/kubernetes/apps/kyverno/kyverno/policies/volsync-movers.yaml
@@ -14,13 +14,17 @@ spec:
   rules:
     - name: set-volsync-movers-custom-config
       match:
-        any:
+        all:
           - resources:
               kinds: ["batch/v1/Job"]
-              namespaces: ["default"]
               selector:
                 matchLabels:
                   app.kubernetes.io/created-by: volsync
+          - resources:
+              kinds: ["batch/v1/Job"]
+              namespaceSelector:
+                matchLabels:
+                  volsync.backube/privileged-movers: "true"
       mutate:
         patchStrategicMerge:
           spec: