---
apiVersion: constraints.gatekeeper.sh/v1beta1
kind: secretNames
metadata:
  name: secrets-must-have-user-name
spec:
  match:
    kinds:
      - apiGroups: [""]
        kinds: ["Secret"]
  parameters:
---
apiVersion: constraints.gatekeeper.sh/v1beta1
kind: secretMountNames
metadata:
  name: secrets-mounted-must-have-user-name
spec:
  match:
    kinds:
      - apiGroups: ["sparkoperator.k8s.io"]
        kinds: ["SparkApplication"]
  parameters:
---
apiVersion: constraints.gatekeeper.sh/v1beta1
kind: serviceAccountExecutors
metadata:
  name: spark-executor-run-with-service-account
spec:
  match:
    kinds:
      - apiGroups: ["sparkoperator.k8s.io"]
        kinds: ["SparkApplication"]
  parameters:
---
apiVersion: constraints.gatekeeper.sh/v1beta1
kind: goodServiceAccountExecutors
metadata:
  name: spark-executor-run-with-good-service-account
spec:
  match:
    kinds:
      - apiGroups: ["sparkoperator.k8s.io"]
        kinds: ["SparkApplication"]
  parameters: