Disable prevent deletion policy from bootstrap cluster (!1773) · Merge requests · Sylva-projects / sylva-core

What does this MR do and why?

Kyverno unit has been enabled in bootstrap cluster (for capm3) but avoid-delete-mgmt-resources is blocking the pivot execution.

Deleting Secret="management-cluster-token" Namespace="sylva-system"
Deleting Metal3Cluster="management-cluster" Namespace="sylva-system"
Error: action failed after 10 attempts: error deleting "controlplane.cluster.x-k8s.io/v1alpha1, Kind=RKE2ControlPlane" sylva-system/management-cluster-control-plane: admission webhook "validate.kyverno.svc-fail" denied the request: 

resource RKE2ControlPlane/sylva-system/management-cluster-control-plane was blocked due to the following policies 

avoid-delete-mgmt-resources:
  cluster-resources: Deleting the Sylva Flux resources that describe the Cluster API
    cluster for the management cluster is not possible without breaking the Sylva
    management cluster.

The aim of this MR is to disable the rule from bootstrap cluster and activate it just into mgmt.

Related reference(s)

Test coverage

Edited Feb 27, 2024 by Bogdan Antohe

Disable prevent deletion policy from bootstrap cluster

What does this MR do and why?

Related reference(s)

Test coverage

Merge request reports