SKIP UPGRADE: Merge kyverno
General MR
Summary
Combined kyverno and kyvenro-policies. Kyverno is now a subchart in the kyverno-policies repo: https://repo1.dso.mil/big-bang/product/packages/kyverno-policies/-/tree/merge-kyverno/chart/charts/kyverno
It was not possible to package as helm dependency since it becomes too large, and this layout will simplify future renovates. BigBang deployment will continue to deploy kyverno and kyvenro-policies seperately, since it takes time for kyverno to become ready to install. However, they will be deployed together at the package level allowing for combined testing and CI/CD from blocking updates that would break kyverno-policies.
Some modifications are needed at the bigbang level and are detailed here: big-bang/bigbang!5255 (diffs)
Mainly, kyverno git url will point to the kyverno-policies repo.
Relevant logs/screenshots
Tests run for both kyverno and kyverno policies:
Linked Issue
Upgrade Notices
Breaking Upgrade. Will require deleting previous kyverno to install using the following commands:
ClusterRole=$(kubectl get ClusterRole | grep kyverno | awk '{print $1}' | tr '\n' ' ')
ClusterRoleBinding=$(kubectl get ClusterRoleBinding | grep kyverno | awk '{print $1}' | tr '\n' ' ')
CRDS=$(kubectl get crds | grep kyverno | awk '{print $1}' | tr '\n' ' ')
kubectl delete namespace kyverno
kubectl delete crds $CRDS
kubectl delete crds policyreports.wgpolicyk8s.io clusterpolicyreports.wgpolicyk8s.io
kubectl delete ClusterRole $ClusterRole
kubectl delete ClusterRoleBinding $ClusterRoleBinding
#check for any kyverno resources:
kubectl get namespace kyverno
kubectl get all --all-namespaces -l='app.kubernetes.io/managed-by=Helm,app.kubernetes.io/instance=kyverno'