Require Labels

Define and use labels that identify semantic attributes of your application or Deployment. A common set of labels allows tools to work collaboratively, describing objects in a common manner that all tools can understand. The recommended labels describe applications in a way that can be queried. This policy validates that the label `app.kubernetes.io/name` is specified with some value.

Policy Definition

/best-practices/require-labels/require-labels.yaml

 1apiVersion: kyverno.io/v1
 2kind: ClusterPolicy
 3metadata:
 4  name: require-labels
 5  annotations:
 6    policies.kyverno.io/title: Require Labels
 7    policies.kyverno.io/category: Best Practices
 8    policies.kyverno.io/minversion: 1.6.0
 9    policies.kyverno.io/severity: medium
10    policies.kyverno.io/subject: Pod, Label
11    policies.kyverno.io/description: >-
12      Define and use labels that identify semantic attributes of your application or Deployment.
13      A common set of labels allows tools to work collaboratively, describing objects in a common manner that
14      all tools can understand. The recommended labels describe applications in a way that can be
15      queried. This policy validates that the label `app.kubernetes.io/name` is specified with some value.      
16spec:
17  validationFailureAction: audit
18  background: true
19  rules:
20  - name: check-for-labels
21    match:
22      any:
23      - resources:
24          kinds:
25          - Pod
26    validate:
27      message: "The label `app.kubernetes.io/name` is required."
28      pattern:
29        metadata:
30          labels:
31            app.kubernetes.io/name: "?*"

Create policy issue