Mitigating the automount service account token findings in harbor

General MR

Summary

mitigating the automount service account token findings in harbor

Related to https://repo1.dso.mil/big-bang/bigbang/-/issues/1854

chart/templates/kyverno-policies/values.yaml

@@ -704,6 +704,7 @@ policies:
       - velero
       - neuvector
       - kiali
+      - harbor
       
   update-automountserviceaccounttokens:
     enabled: true
@@ -830,6 +831,10 @@ policies:
         # notifications bot pods interact with secrets, configmaps, and CRDs
         # More details in argocd/chart/templates/argocd-notifications/bots/slack/role.yaml
         - argocd-argocd-notifications-controller-*
+      - namespace: harbor
+        serviceAccounts: 
+        - harbor-redis-bb
+
 
 istio:
   enabled: {{ .Values.istio.enabled }}