Merge branch 'docs/update-sample-prod-values-gatekeeper' into 'master'

Update docs to reflect that Kyverno is Default Policy Engine See merge request !4025

Merge branch 'docs/update-sample-prod-values-gatekeeper' into 'master'
1516f4c6 · Michael Martin · 1989b454 · d3b3efa9 · 1516f4c6 · 1516f4c6
Commit 1516f4c6 authored 1 year ago by Michael Martin
--- a/docs/understanding-bigbang/configuration/sample-prod-config.md
+++ b/docs/understanding-bigbang/configuration/sample-prod-config.md
@@ -2,65 +2,6 @@

 [[_TOC_]]

-## Gatekeeper
-
-The gatekeeper `values` section should resemble below when deploying to production.
-
-```yaml
-# OPA Gatekeeper
-#
-gatekeeper:
-  # -- Toggle deployment of OPA Gatekeeper.
-  enabled: true
-  git:
-    repo: https://repo1.dso.mil/big-bang/product/packages/policy.git
-    path: "./chart"
-    tag: "3.5.1-bb.2"
-
-  # -- Flux reconciliation overrides specifically for the OPA Gatekeeper Package
-  flux: {}
-
-  # -- Values to passthrough to the gatekeeper chart: https://repo1.dso.mil/big-bang/product/packages/policy.git
-  values:
-    violations:
-      allowedDockerRegistries:
-        match:
-          excludedNamespaces:
-            - kube-system # ignored as the kubernetes distro cannot be controlled
-
-  # -- Post Renderers.  See docs/postrenders.md
-  postRenderers: []
-```
-
-To validate it was deployed correctly on your cluster run the following command:
-
-`kubectl get k8sallowedrepos.constraints.gatekeeper.sh/allowed-docker-registries -o yaml`
-
-You should only see `kube-system` under `excludedNamespaces` section.
-
-Output:
-
-```yaml
-  name: allowed-docker-registries
-  resourceVersion: "10390"
-  uid: b51b3887-3cf8-4495-b37e-fb8ef31755db
-spec:
-  enforcementAction: deny
-  match:
-    excludedNamespaces:
-    - kube-system
-    kinds:
-    - apiGroups:
-      - ""
-      kinds:
-      - Pod
-  parameters:
-    exemptContainers: []
-    repos:
-    - registry1.dso.mil
-    - registry.dso.mil
-```
-
 ## Gitlab

 This section provides suggested settings for Gitlab operational/production environments.

--- a/docs/understanding-bigbang/package-architecture/README.md
+++ b/docs/understanding-bigbang/package-architecture/README.md
@@ -33,14 +33,14 @@ flowchart LR
    end

    subgraph PE[Policy Enforcement]
-      subgraph CA[Default]
+      subgraph KyvernoStack[Default]
      direction BT
-        ClusterAuditor --> OPA[OPA Gatekeeper]
+        KyvernoReporter[Kyverno Reporter*] --> Kyverno[Kyverno*]
      end
-      subgraph KyvernoStack[Alternative]
-      style KyvernoStack stroke-dasharray: 10 10
+      subgraph CA[Alternative]
+      style CA stroke-dasharray: 10 10
      direction BT
-        KyvernoReporter[Kyverno Reporter*] --> Kyverno[Kyverno*]
+        ClusterAuditor --> OPA[OPA Gatekeeper]
      end
    end