From 99a3701edea5e7d82ad73c9b4a4f4e141eb58137 Mon Sep 17 00:00:00 2001
From: Ryan Garcia <garcia.ryan@solute.us>
Date: Tue, 14 Sep 2021 17:42:49 +0000
Subject: [PATCH] Merge branch '767-twistlock-def-vio' into 'master'

Update gatekeeper violations for twistlock-defenders selinuxPolicy

Closes #767

See merge request platform-one/big-bang/bigbang!890
---
 chart/templates/gatekeeper/values.yaml | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/chart/templates/gatekeeper/values.yaml b/chart/templates/gatekeeper/values.yaml
index e4af7e0318..61fee1c578 100644
--- a/chart/templates/gatekeeper/values.yaml
+++ b/chart/templates/gatekeeper/values.yaml
@@ -109,12 +109,20 @@ violations:  # Try to keep this in alpha order to make it easier to find keys
     {{- end }}
   {{- end }}
 
-  {{- if .Values.logging.enabled }}
+  {{- if or .Values.logging.enabled .Values.twistlock.enabled }}
   selinuxPolicy:
+    {{- if .Values.logging.enabled }}
     match:
       excludedNamespaces:
         # FluentBit needs selinux option type spc_t
         - logging
+    {{- end }}
+    {{- if .Values.twistlock.enabled }}
+    parameters:
+      excludedResources:
+        # Twistlock Defenders need selinux option type spc_t
+        - twistlock/twistlock-defender
+    {{- end }}
   {{- end }}
 
   {{- if or .Values.fluentbit.enabled (or .Values.twistlock.enabled .Values.monitoring.enabled) }}
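Review bot: The new `- twistlock/twistlock-defender` entry under `parameters.excludedResources` leaves its matching rule undocumented, and that rule decides how wide the SELinux exemption is. Defender pods normally carry generated DaemonSet suffixes, so the entry is presumably matched as a prefix or pattern rather than an exact name; if so, any pod in the `twistlock` namespace whose name begins with `twistlock-defender` would skip the constraint, which should be confirmed against the constraint template (not shown here). Once verified, I would extend the comment to `# Twistlock Defenders need selinux option type spc_t; entry is <namespace>/<pod name pattern>, exempting only Defender pods`. The surrounding `violations:` mapping starts before and continues past this hunk.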
@@ -165,4 +173,4 @@ violations:  # Try to keep this in alpha order to make it easier to find keys
     {{- end }}
   {{- end }}
 {{ toYaml $overlays }}
-{{- end }}
\ No newline at end of file
+{{- end }}
-- 
GitLab