🔥 kyverno policy

kubernetes/apps/networking/ingress-nginx/app/clusterpolicy.yaml

@@ -74,41 +74,3 @@ spec:
             annotations:
               +(external-dns.alpha.kubernetes.io/target): |-
                 services.${SECRET_DOMAIN}.
----
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: ingress-whitelist-annotations
-  annotations:
-    policies.kyverno.io/title: Ingress Whitelist Annotations
-    policies.kyverno.io/subject: Ingress
-    policies.kyverno.io/description: >-
-      This policy creates annotations on ingresses. When
-      the `external-dns.home.arpa/enabled` annotation is not
-      set it applies the nginx annotations for use with only
-      internal application access.
-spec:
-  mutateExistingOnPolicyUpdate: true
-  generateExistingOnPolicyUpdate: true
-  rules:
-    - name: whitelist
-      match:
-        any:
-          - resources:
-              kinds: ["Ingress"]
-      exclude:
-        any:
-          - resources:
-              annotations:
-                external-dns.home.arpa/enabled: "true"
-      mutate:
-        targets:
-          - apiVersion: networking.k8s.io/v1
-            kind: Ingress
-            name: "{{request.object.metadata.name}}"
-            namespace: "{{ request.object.metadata.namespace }}"
-        patchStrategicMerge:
-          metadata:
-            annotations:
-              +(nginx.ingress.kubernetes.io/whitelist-source-range): |-
-                10.0.0.0/8,172.16.0.0/12,192.168.0.0/16