From cbbdc8c608ecacde987c81b3218d24bb3a15f698 Mon Sep 17 00:00:00 2001
From: friedrich goerz <friedrich.goerz@netgo.de>
Date: Mon, 21 Nov 2022 14:49:45 +0100
Subject: [PATCH] DEv-669: swapped ns-scoped whitelist with ns-scoped blacklist

---
 clusterspecifics/appprojects/mobene.yaml | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/clusterspecifics/appprojects/mobene.yaml b/clusterspecifics/appprojects/mobene.yaml
index c6899d9..50fec43 100644
--- a/clusterspecifics/appprojects/mobene.yaml
+++ b/clusterspecifics/appprojects/mobene.yaml
@@ -10,6 +10,7 @@ spec:
 
   # Allow manifests to deploy from any Git repos
   sourceRepos:
+    - 'oci://prodnso-harbor-01.smardigo.digital/infrastructure'
     - 'https://prodnso-gitea-01.smardigo.digital/argocd/prodwork01-mobene-deployment'
 
   # Deny all cluster-scoped resources from being created
@@ -17,11 +18,12 @@ spec:
   - group: ''
     kind: 'namespace'
 
-  namespaceResourceWhitelist:
-   - group: 'apps'
-     kind: Deployment
-   - group: 'apps'
-     kind: StatefulSet
+  # Allow all namespaced-scoped resources to be created, except for ResourceQuota, LimitRange, NetworkPolicy
+  namespaceResourceBlacklist:
+  - group: ''
+    kind: ResourceQuota
+  - group: ''
+    kind: LimitRange
 
   # allowed destinations for deployments:
   destinations: