Add prefix to external secret
This policy mutates the secretRef key to add a prefix. External Secret Operator proposes using Kyverno to force ExternalSecrets to carry a namespace prefix, so that Kubernetes administrators do not need to define permissions and users per namespace. Done this way, developers are abstracted from the administrators' naming convention and will not be able to access secrets from other namespaces. In this example, change "prefix-" in the JSON patch to your preferred prefix, for example: {{ request.namespace }}
Policy Definition
/external-secret-operator/add-external-secret-prefix/add-external-secret-prefix.yaml
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: add-external-secret-prefix
  annotations:
    policies.kyverno.io/title: Add prefix to external secret
    policies.kyverno.io/category: ExternalSecretOperator
    policies.kyverno.io/severity: medium
    policies.kyverno.io/subject: ExternalSecret
    kyverno.io/kyverno-version: 1.7.1
    policies.kyverno.io/minversion: 1.6.0
    kyverno.io/kubernetes-version: "1.23"
    policies.kyverno.io/description: >-
      This Policy mutates secretRef key to add a prefix.
      External Secret Operator proposes to use kyverno to force ExternalSecrets
      to have namespace prefix so that kubernetes administrators do not need to
      define permissions and users per namespace.
      Doing this developers are abstracted by administrators naming convention and will not
      be able to access secrets from other namespaces.
      In this example, in the JSON patch change "prefix-" to your preferred prefix. For example: {{ request.namespace }}
spec:
  rules:
    - name: add-external-secret-prefix
      match:
        any:
        - resources:
            kinds:
            - external-secrets.io/v1beta1/ExternalSecret
      mutate:
        # Runs once per entry in spec.data; elementIndex selects the entry to patch.
        foreach:
          - list: "request.object.spec.data"
            # Replaces the entry's remoteRef, writing the prefix in front of the original key.
            patchesJson6902: |-
              - path: /spec/data/{{elementIndex}}/remoteRef
                op: add
                value:
                  key: "prefix-{{element.remoteRef.key}}"
                  property: "{{element.remoteRef.property}}"
                  conversionStrategy: "{{element.remoteRef.conversionStrategy}}"
                  decodingStrategy: "{{element.remoteRef.decodingStrategy}}"
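
The effect of the foreach patch on one resource, as an added example that is not part of the Kyverno policy library or of External Secrets Operator. It is a simplified Python model of the mutation plus an audit helper for exported ExternalSecret JSON; the sample object, the function names and the "<namespace>-" prefix convention are assumptions made for illustration.

```python
import copy

# Constructed sample: an ExternalSecret submitted in namespace "team-a".
SAMPLE = {
    "apiVersion": "external-secrets.io/v1beta1",
    "kind": "ExternalSecret",
    "metadata": {"name": "app-secrets", "namespace": "team-a"},
    "spec": {"data": [
        {"secretKey": "db", "remoteRef": {"key": "db-password", "property": "value"}},
        # A reference that names another namespace's secret directly.
        {"secretKey": "other", "remoteRef": {"key": "team-b-db-password"}},
    ]},
}


def mutate(external_secret, prefix):
    """Simplified model of the policy: prefix remoteRef.key of each spec.data entry."""
    out = copy.deepcopy(external_secret)
    for element in out.get("spec", {}).get("data") or []:
        ref = element["remoteRef"]
        ref["key"] = prefix + ref["key"]  # key: "prefix-{{element.remoteRef.key}}"
    return out


def remote_keys(external_secret):
    """Return remoteRef.key of every spec.data entry, in order."""
    return [e["remoteRef"]["key"]
            for e in external_secret.get("spec", {}).get("data") or []]


def unprefixed(external_secret, prefix):
    """Audit helper: (index, key) pairs in spec.data whose key lacks the prefix."""
    return [(i, k) for i, k in enumerate(remote_keys(external_secret))
            if not k.startswith(prefix)]


if __name__ == "__main__":
    # Assumed convention: the prefix is the object's namespace followed by "-".
    prefix = SAMPLE["metadata"]["namespace"] + "-"
    after = mutate(SAMPLE, prefix)
    print("before:", remote_keys(SAMPLE))
    print("after: ", remote_keys(after))
    print("unprefixed before:", unprefixed(SAMPLE, prefix))
    print("unprefixed after: ", unprefixed(after, prefix))
```

The second entry shows the isolation property: a key that names another namespace's secret is still prefixed with the requesting namespace, so it no longer matches the other namespace's naming.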