create canary policy can be audit policy

utilitywarehouse · Oct 21, 2024 · 824473d · 824473d
1 parent 86d2b81
commit 824473d
Showing 1 changed file with 1 addition and 8 deletions.
diff --git a/kyverno/policies/canary/canary.yaml b/kyverno/policies/canary/canary.yaml
@@ -9,7 +9,7 @@ metadata:
       This is the canary rule which detects canary resources in the cluster.
       This is to alert on stopped or missing background scan report alerts.
 spec:
-  validationFailureAction: Enforce
+  validationFailureAction: Audit
   background: true
   rules:
     - name: detect-canary-configmap
@@ -19,13 +19,6 @@ spec:
             - ConfigMap
           names:
             - kyverno-canary-resource
-      preconditions:
-        all:
-          - key: "{{request.operation || 'BACKGROUND'}}"
-            operator: AnyNotIn
-            value:
-              - CREATE
-              - DELETE
       validate:
         message: "Found kyverno canary configMap in the cluster"
         deny: {}