Add metadata annotations to disallow-istio-injection-bypass policy

Feature Request

Why

What is the use case for the feature you are requesting? What are you trying to solve?

Expand policy to cover annotations in addition to labels - https://repo1.dso.mil/big-bang/product/packages/kyverno-policies/-/blob/main/chart/templates/disallow-istio-injection-bypass.yaml?ref_type=heads#L39

Problem: annotations bypass the disallow-istio-injection-bypass policy as-is due to only matching labels.

Proposed Solution

Solution: expand current policy to include annotations or create a new policy to cover annotations

If possible add a new pattern match, e.g.:

pattern:
  metadata:
    =(annotations):
      =(sidecar.istio.io/inject): "!false"
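
The gap described above, as an added Python example (not part of the original issue or of the Big Bang policy code): a simplified model of Kyverno's =(key) equality anchor and ! negation, run over constructed pod manifests. LABELS_ONLY is an assumed label-side equivalent of the proposed annotation pattern, and all function and sample names are hypothetical.

```python
# Simplified model of the two Kyverno pattern features used here: the
# equality anchor "=(key)" (check only if the key exists) and "!value".
# This is not Kyverno's engine; the pod manifests below are constructed samples.
KEY = "sidecar.istio.io/inject"

# Assumed shape of a labels-only check, mirroring the proposed annotation pattern.
LABELS_ONLY = {"metadata": {"=(labels)": {f"=({KEY})": "!false"}}}
LABELS_AND_ANNOTATIONS = {"metadata": {
    "=(labels)": {f"=({KEY})": "!false"},
    "=(annotations)": {f"=({KEY})": "!false"},
}}

def matches(resource, pattern):
    """Return True if resource satisfies pattern (subset of Kyverno semantics)."""
    if isinstance(pattern, dict):
        if not isinstance(resource, dict):
            return False
        for raw_key, sub in pattern.items():
            optional = raw_key.startswith("=(") and raw_key.endswith(")")
            key = raw_key[2:-1] if optional else raw_key
            if key not in resource:
                if optional:
                    continue        # anchored key absent: nothing to check
                return False        # plain key must be present
            if not matches(resource[key], sub):
                return False
        return True
    if isinstance(pattern, str) and pattern.startswith("!"):
        return str(resource) != pattern[1:]   # negation: any value but this one
    return str(resource) == str(pattern)

def pod(**meta):
    """Build a constructed Pod manifest with the given metadata fields."""
    return {"kind": "Pod", "metadata": {"name": "sample", **meta}}

SAMPLES = {
    "no-opt-out": pod(labels={"app": "web"}),
    "label-false": pod(labels={KEY: "false"}),
    "annotation-false": pod(annotations={KEY: "false"}),
    "annotation-true": pod(annotations={KEY: "true"}),
}

def audit(pattern):
    """Names of sample pods the pattern would reject."""
    return sorted(n for n, p in SAMPLES.items() if not matches(p, pattern))

if __name__ == "__main__":
    print("labels only:", audit(LABELS_ONLY))
    print("labels + annotations:", audit(LABELS_AND_ANNOTATIONS))
```

The labels-only pattern rejects just the label-false pod, while the combined pattern also rejects annotation-false and still admits pods that set the annotation to a value other than "false".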