gwg313/homelab-gitops
1
0
Fork 0
mirror of https://github.com/gwg313/homelab-gitops.git synced 2026-06-09 04:13:00 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

add tekton

Browse source 
Signed-off-by: gwg313 <gwg313@pm.me>
This commit is contained in:
gwg313 2026-05-18 18:39:13 -04:00
parent bfce08329d
commit 933b93da76
Signed by: gwg313
GPG key ID: 60FF63B4826B7400
23 changed files with 199 additions and 111 deletions
Download patch file Download diff file Expand all files Collapse all files

11
platform/kyverno/policies/disallow-latest-tag.yaml
View file

@ -12,6 +12,17 @@ spec:
- resources:
kinds:
- Pod
exclude:
any:
- resources:
selector:
matchExpressions:
- key: app.kubernetes.io/managed-by
operator: In
values:
- tekton-pipelines
- key: tekton.dev/task
operator: Exists
validate:
message: "Using the 'latest' tag or omitting image tags is forbidden. Use a specific version semantic tag."
foreach:

2
platform/kyverno/policies/generate-ns-network-baseline.yaml
View file

@ -30,6 +30,8 @@ spec:
- sealed-secrets
- nfs-subdir-external-provisioner
- monitoring
- tekton-pipelines-resolvers
- tekton-pipelines
generate:
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy

2
platform/kyverno/policies/require-requests-limits.yaml
View file

@ -34,6 +34,8 @@ spec:
- sealed-secrets
- nfs-subdir-external-provisioner
- monitoring
- tekton-pipelines-resolvers
- tekton-pipelines
validate:
message: "Resource discipline violation: Containers must declare cpu/memory requests and limits."
pattern: