Application Field Validation

 1apiVersion: kyverno.io/v1
 2kind: ClusterPolicy
 3metadata:
 4  name: application-field-validation
 5  annotations:
 6    policies.kyverno.io/title: Application Field Validation
 7    policies.kyverno.io/category: Argo
 8    policies.kyverno.io/severity: medium
 9    policies.kyverno.io/subject: Application
10    kyverno.io/kyverno-version: 1.6.0
11    policies.kyverno.io/minversion: 1.6.0
12    kyverno.io/kubernetes-version: "1.23"
13    policies.kyverno.io/description: >-
14      This policy performs some best practices validation on Application fields.
15      Path or chart must be specified but never both. And destination.name or
16      destination.server must be specified but never both.
17spec:
18  validationFailureAction: Audit
19  background: true
20  rules:
21    - name: source-path-chart
22      match:
23        any:
24        - resources:
25            kinds:
26            - Application
27      validate:
28        message: >-
29          `spec.source.path` OR `spec.source.chart` should be specified but never both.
30        anyPattern:
31        - spec:
32            source:
33              path: '?*'
34              X(chart):
35        - spec:
36            source:
37              X(path):
38              chart: '?*'
39    - name: destination-server-name
40      match:
41        any:
42        - resources:
43            kinds:
44            - Application
45      validate:
46        message: >-
47          `spec.destination.server` OR `spec.destination.name` should be specified but never both.
48        anyPattern:
49        - spec:
50            destination:
51              server: '?*'
52              X(name):
53        - spec:
54            destination:
55              X(server):
56              name: '?*'