2.6.4.2.2. fromConfigmap function

fromConfigmap 功能返回 ConfigMap 中给定 data 键的值。查看该功能的以下语法：

func fromConfigMap (ns string, configmapName string, datakey string) (dataValue string, err Error)

使用此功能时，请输入 Kubernetes ConfigMap 资源的命名空间、名称和数据键。如果目标集群上不存在 Kubernetes ConfigMap 资源，则会出现策略违反的情况。如果目标集群上不存在 data 键，则该值将变为空字符串。查看在目标受管集群中强制执行 Kubernetes 资源的以下配置策略。log-file data 键的值是一个模板，它从 ConfigMap 获得 log-file 的值，从 default 命名空间获得 log-config ，log-level 被设置为 data 键 log-level。

apiVersion: policy.open-cluster-management.io/v1
kind: ConfigurationPolicy
metadata:
  name: demo-fromcm-lookup
  namespace: test-templates
spec:
  namespaceSelector:
    exclude:
    - kube-*
    include:
    - default
  object-templates:
  - complianceType: musthave
    objectDefinition:
      kind: ConfigMap
      apiVersion: v1
      metadata:
        name: demo-app-config
        namespace: test
      data:
        app-name: sampleApp
        app-description: "this is a sample app"
        log-file: '{{ fromConfigMap "default" "logs-config" "log-file" }}'
        log-level: '{{ fromConfigMap "default" "logs-config" "log-level" }}'
  remediationAction: enforce
  severity: low