Skip to content

Commit

Permalink
Add assign-oauth-image gatekeeper policy
Browse files Browse the repository at this point in the history
This allows the rhods oauth container to pull oauth image from internal registry rather than externally. Relevant commit: nerc-project/operations#506

Signed-off-by: Isaiah Stapleton <istaplet@redhat.com>
  • Loading branch information
IsaiahStapleton committed Jun 11, 2024
1 parent 0efab41 commit efb714f
Showing 1 changed file with 22 additions and 0 deletions.
22 changes: 22 additions & 0 deletions policy/overlays/nerc-ocp-prod/internal-oauth.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
apiVersion: mutations.gatekeeper.sh/v1alpha1
kind: AssignImage
metadata:
name: assign-oauth-image
spec:
applyTo:
- groups: [ "" ]
kinds: [ "Pod" ]
versions: [ "v1" ]
location: "spec.containers[name:oauth-proxy].image"
parameters:
assignDomain: "image-registry.openshift-image-registry.svc:5000"
assignPath: "redhat-ods-applications/oauth-proxy"
assignTag: ":latest"
match:
source: "All"
scope: Namespaced
kinds:
- apiGroups: [ "*" ]
kinds: [ "Pod" ]
namespaces: ["rhods-notebooks"]
name: jupyter-nb*

0 comments on commit efb714f

Please sign in to comment.