|
|
|
@ -10,6 +10,7 @@ spec:
|
|
|
|
|
|
|
|
|
|
|
|
# Allow manifests to deploy from any Git repos
|
|
|
|
# Allow manifests to deploy from any Git repos
|
|
|
|
sourceRepos:
|
|
|
|
sourceRepos:
|
|
|
|
|
|
|
|
- 'oci://prodnso-harbor-01.smardigo.digital/infrastructure'
|
|
|
|
- 'https://prodnso-gitea-01.smardigo.digital/argocd/prodwork01-mobene-deployment'
|
|
|
|
- 'https://prodnso-gitea-01.smardigo.digital/argocd/prodwork01-mobene-deployment'
|
|
|
|
|
|
|
|
|
|
|
|
# Deny all cluster-scoped resources from being created
|
|
|
|
# Deny all cluster-scoped resources from being created
|
|
|
|
@ -17,11 +18,12 @@ spec:
|
|
|
|
- group: ''
|
|
|
|
- group: ''
|
|
|
|
kind: 'namespace'
|
|
|
|
kind: 'namespace'
|
|
|
|
|
|
|
|
|
|
|
|
namespaceResourceWhitelist:
|
|
|
|
# Allow all namespaced-scoped resources to be created, except for ResourceQuota, LimitRange, NetworkPolicy
|
|
|
|
- group: 'apps'
|
|
|
|
namespaceResourceBlacklist:
|
|
|
|
kind: Deployment
|
|
|
|
- group: ''
|
|
|
|
- group: 'apps'
|
|
|
|
kind: ResourceQuota
|
|
|
|
kind: StatefulSet
|
|
|
|
- group: ''
|
|
|
|
|
|
|
|
kind: LimitRange
|
|
|
|
|
|
|
|
|
|
|
|
# allowed destinations for deployments:
|
|
|
|
# allowed destinations for deployments:
|
|
|
|
destinations:
|
|
|
|
destinations:
|
|
|
|
|
friedrich goerz
3 years ago