'how does kyverno handle cleanup for generated resources
Let's say I have a rule in kyverno cluster policy to generate configmap. Now at some point of time in future I remove that rule from cluster policy(cluster policy still exists). Is kyverno capable of garbage collecting the configmap?
Cluster Policy with two generate rules(r1 and r2):
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
name: cp1
spec:
rules:
- name: r1
match:
resources:
kinds:
- Namespace
selector:
matchLabels:
test: "true"
generate:
synchronize: true
kind: ConfigMap
name: cm1
namespace: "{{request.object.metadata.name}}"
data:
kind: ConfigMap
data:
# Enter all your target logging info below
test.yml: |-
cm1
- name: r2
match:
resources:
kinds:
- Namespace
selector:
matchLabels:
test: "true"
generate:
synchronize: true
kind: ConfigMap
name: cm2
namespace: "{{request.object.metadata.name}}"
data:
kind: ConfigMap
data:
# Enter all your target logging info below
test.yml: |-
cm2Once applied if you remove one of the generate rules and apply policy again it does not remove config map.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|