Skip to content

Commit 490f482

Browse files
mitchrossclaude
andcommitted
fix(kyverno): enable background processing and fix precondition check
- Change background: false -> true to allow retries when base secret not available at admission time - Fix precondition to check specific key (AWS_ACCESS_KEY_ID) with fallback instead of comparing map to empty string Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
1 parent e8695c9 commit 490f482

1 file changed

Lines changed: 3 additions & 2 deletions

File tree

infrastructure/controllers/kyverno/volsync-smart-restore.yaml

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@ metadata:
2323
- Backups protect data going forward (Restic keeps retention/history)
2424
spec:
2525
validationFailureAction: Enforce
26-
background: false
26+
background: true
2727
rules:
2828
# ------------------------------------------------------------------
2929
# RULE 1: GENERATE PER-PVC SECRET (copies base creds + full repo path)
@@ -43,7 +43,8 @@ spec:
4343
jmesPath: "data"
4444
preconditions:
4545
all:
46-
- key: "{{ baseSecret }}"
46+
# Check that base secret has the required keys
47+
- key: "{{ baseSecret.AWS_ACCESS_KEY_ID || '' }}"
4748
operator: NotEquals
4849
value: ""
4950
generate:

0 commit comments

Comments
 (0)