All Policies

Add Environment Variables from ConfigMap

Instead of defining a common set of environment variables multiple times either in manifests or separate policies, Pods can reference entire collections stored in a ConfigMap. This policy mutates all initContainers (if present) and containers in a Pod with environment variables defined in a ConfigMap named `nsenvvars` that must exist in the destination Namespace.

Policy Definition

/other/add-env-vars-from-cm/add-env-vars-from-cm.yaml

 1apiVersion: kyverno.io/v1
 2kind: ClusterPolicy
 3metadata:
 4  name: add-env-vars-from-cm
 5  annotations:
 6    policies.kyverno.io/title: Add Environment Variables from ConfigMap
 7    policies.kyverno.io/minversion: 1.6.0
 8    policies.kyverno.io/subject: Pod
 9    policies.kyverno.io/category: Other
10    policies.kyverno.io/description: >-
11      Instead of defining a common set of environment variables multiple
12      times either in manifests or separate policies, Pods can reference
13      entire collections stored in a ConfigMap. This policy mutates all
14      initContainers (if present) and containers in a Pod with environment
15      variables defined in a ConfigMap named `nsenvvars` that must exist
16      in the destination Namespace.     
17spec:
18  rules:
19  - name: add-env-vars-from-cm
20    match:
21      any:
22      - resources:
23          kinds:
24          - Pod
25    mutate:
26      patchStrategicMerge:
27        spec:
28          initContainers:
29            - (name): "*"
30              envFrom:
31              - configMapRef:
32                  name: nsenvvars
33          containers:
34            - (name): "*"
35              envFrom:
36              - configMapRef:
37                  name: nsenvvars
Create policy issue