File tree Expand file tree Collapse file tree
infrastructure/controllers/kyverno/policies
my-apps/media/karakeep/karakeep Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -15,12 +15,15 @@ spec:
1515 background : true
1616 rules :
1717 # Rule 1: Conditionally add dataSourceRef if backup exists in S3
18+ # IMPORTANT: Only trigger on CREATE to avoid race conditions during PVC deletion
1819 - name : add-datasource-if-backup-exists
1920 match :
2021 any :
2122 - resources :
2223 kinds :
2324 - PersistentVolumeClaim
25+ operations :
26+ - CREATE
2427 selector :
2528 matchExpressions :
2629 - key : backup
@@ -56,12 +59,15 @@ spec:
5659 name : " {{request.object.metadata.name}}-restore"
5760
5861 # Rule 2: Generate ExternalSecret for per-PVC restic repository
62+ # IMPORTANT: Only trigger on CREATE to avoid race conditions during PVC deletion
5963 - name : generate-restic-secret
6064 match :
6165 any :
6266 - resources :
6367 kinds :
6468 - PersistentVolumeClaim
69+ operations :
70+ - CREATE
6571 selector :
6672 matchExpressions :
6773 - key : backup
Original file line number Diff line number Diff line change 1616 storageClassName : longhorn
1717 # dataSourceRef is added dynamically by Kyverno if a backup exists
1818
19+
You can’t perform that action at this time.
0 commit comments