Patch¶
The patch operation defines resources that should be modified in a Kubernetes cluster.
If the resource to be modified does not exist in the cluster, the step will fail.
Configuration¶
The full structure of the Patch is documented here.
Features¶
| Supported features | |
|---|---|
| Bindings support |  |
| Outputs support | |
| Templating support | |
| Operation checks support | |
Examples¶
apiVersion: chainsaw.kyverno.io/v1alpha1
kind: Test
metadata:
name: example
spec:
steps:
- try:
- patch:
# use a specific file
file: my-configmap.yaml
---
apiVersion: chainsaw.kyverno.io/v1alpha1
kind: Test
metadata:
name: example
spec:
steps:
- try:
- patch:
# use glob pattern
file: "configs/*.yaml"
---
apiVersion: chainsaw.kyverno.io/v1alpha1
kind: Test
metadata:
name: example
spec:
steps:
- try:
- patch:
# use an URL
file: https://raw.githubusercontent.com/kyverno/chainsaw/main/testdata/resource/valid.yaml
---
apiVersion: chainsaw.kyverno.io/v1alpha1
kind: Test
metadata:
name: example
spec:
steps:
- try:
- patch:
# specify resource inline
resource:
apiVersion: v1
kind: ConfigMap
metadata:
name: chainsaw-quick-start
data:
foo: bar
Operation check¶
apiVersion: chainsaw.kyverno.io/v1alpha1
kind: Test
metadata:
name: example
spec:
steps:
- try:
- patch:
file: my-configmap.yaml
expect:
- match:
# this check applies only if the match
# statement below evaluates to `true`
apiVersion: v1
kind: ConfigMap
check:
# an error is expected, this will:
# - succeed if the operation failed
# - fail if the operation succeeded
($error != null): true