A step-by-step guide to deploying Kyverno alongside Argo CD using the App-of-Apps GitOps pattern. Covers wrapping the official Kyverno and Kyverno Policies Helm charts, configuring sync-waves to ensure correct deployment order, setting Pod Security Standards in Audit vs Enforce mode, and adding custom policies via a templates
Table of contents
What is Kyverno?Why Kyverno with Argo CD?Step 1: Add Kyverno as an Argo CD applicationinfra-services/kyverno.yamlStep 2: Wrap the official Kyverno Helm chartkyverno/Chart.yamlkyverno/values.yamlStep 3: In ArgoCD UI Confirm Argo application Kyverno is createdStep 4: Add Kyverno Policies as an Argo CD Applicationinfra-services/kyverno-policies.yamlStep 5: Wrap and configure the Kyverno policies Helm chartkyverno-policies/Chart.yamlkyverno-policies/values.yamlStep 6: Add support for custom Kyverno policies (optional)Step 7: Using custom policiesViewing policy violationsKyverno policy reportsSort: