UNCLASSIFIED - NO CUI

Skip to content
Snippets Groups Projects
Commit 6b59b829 authored by Ryan Garcia's avatar Ryan Garcia :dizzy:
Browse files

Merge branch '767-twistlock-def-vio' into 'master' 

Update gatekeeper violations for twistlock-defenders selinuxPolicy

Closes #767

See merge request platform-one/big-bang/bigbang!890
parents 6cb190a1 afa4c951
No related branches found
No related tags found
1 merge request!890Update gatekeeper violations for twistlock-defenders selinuxPolicy
Pipeline #475816 passed
Stage: .pre
Stage: smoke tests
Hide whitespace changes
Inline Side-by-side
chart/templates/gatekeeper/values.yaml
+ 10
2
View file @ 6b59b829
......@@ -109,12 +109,20 @@ violations: # Try to keep this in alpha order to make it easier to find keys
{{- end }}
{{- end }}
{{- if .Values.logging.enabled }}
{{- if or .Values.logging.enabled .Values.twistlock.enabled }}
selinuxPolicy:
{{- if .Values.logging.enabled }}
match:
excludedNamespaces:
# FluentBit needs selinux option type spc_t
- logging
{{- end }}
{{- if .Values.twistlock.enabled }}
parameters:
excludedResources:
# Twistlock Defenders need selinux option type spc_t
- twistlock/twistlock-defender
{{- end }}
{{- end }}
{{- if or .Values.fluentbit.enabled (or .Values.twistlock.enabled .Values.monitoring.enabled) }}
......@@ -165,4 +173,4 @@ violations: # Try to keep this in alpha order to make it easier to find keys
{{- end }}
{{- end }}
{{ toYaml $overlays }}
{{- end }}
\ No newline at end of file
{{- end }}
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

UNCLASSIFIED - NO CUI