Inject Infrastructure Name

A required component of a MachineSet is the infrastructure name, a random string created in a separate resource. It can be tedious or impossible to know this value for each MachineSet created. This policy fetches the infrastructure name from the Cluster resource (the object at /apis/config.openshift.io/v1/infrastructures/cluster) and replaces all instances of TEMPLATE in a MachineSet with that name. The rule applies to CREATE operations only.

Policy Definition

/openshift/inject-infrastructurename/inject-infrastructurename.yaml

apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: inject-infrastructurename
  annotations:
    policies.kyverno.io/title: Inject Infrastructure Name
    policies.kyverno.io/category: OpenShift
    policies.kyverno.io/severity: medium
    kyverno.io/kyverno-version: 1.10.0
    policies.kyverno.io/minversion: 1.10.0
    kyverno.io/kubernetes-version: "1.26"
    policies.kyverno.io/subject: MachineSet
    policies.kyverno.io/description: >-
      A required component of a MachineSet is the infrastructure name which is a random string
      created in a separate resource. It can be tedious or impossible to know this for each
      MachineSet created. This policy fetches the value of the infrastructure name from the
      Cluster resource and replaces all instances of TEMPLATE in a MachineSet with that name.
spec:
  schemaValidation: false
  rules:
  - name: replace-template
    match:
      any:
      - resources:
          kinds:
          - machine.openshift.io/v1beta1/MachineSet
          operations:
          - CREATE
    context:
    - name: cluster
      apiCall:
        urlPath: /apis/config.openshift.io/v1/infrastructures/cluster
    - name: infraid
      variable:
        jmesPath: cluster.status.infrastructureName
    mutate:
      patchesJson6902: |-
        - op: replace
          path: /metadata
          value: {{ replace_all(to_string(request.object.metadata),'TEMPLATE', infraid) }}
        - op: replace
          path: /spec
          value: {{ replace_all(to_string(request.object.spec),'TEMPLATE', infraid) }}
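
The effect of the replace-template rule on a submitted MachineSet, emulated in Python as an added example (not Kyverno's code and not part of the original policy page). The sample MachineSet, the infrastructure name demo-x7k2p and the name-format check are constructed assumptions.

```python
import json
import re

PLACEHOLDER = "TEMPLATE"
# Assumption: an infrastructure name is lowercase alphanumerics and hyphens.
# Anything else is rejected so the value cannot change the JSON structure
# it is substituted into.
INFRA_ID_RE = re.compile(r"[a-z0-9]([a-z0-9-]*[a-z0-9])?")

# Constructed sample MachineSet, trimmed to the fields that carry the name.
CLUSTER_LABEL = "machine.openshift.io/cluster-api-cluster"
MACHINESET_LABEL = "machine.openshift.io/cluster-api-machineset"
LABELS = {CLUSTER_LABEL: "TEMPLATE", MACHINESET_LABEL: "TEMPLATE-worker-a"}
SAMPLE_MACHINESET = {
    "apiVersion": "machine.openshift.io/v1beta1",
    "kind": "MachineSet",
    "metadata": {
        "name": "TEMPLATE-worker-a",
        "namespace": "openshift-machine-api",
        "labels": {CLUSTER_LABEL: "TEMPLATE"},
    },
    "spec": {
        "replicas": 1,
        "selector": {"matchLabels": dict(LABELS)},
        "template": {"metadata": {"labels": dict(LABELS)}},
    },
}


def inject_infra_name(machineset: dict, infra_id: str) -> dict:
    """Emulate the replace-template rule for one MachineSet CREATE request."""
    if not INFRA_ID_RE.fullmatch(infra_id):
        raise ValueError(f"unexpected infrastructure name: {infra_id!r}")
    mutated = dict(machineset)
    for field in ("metadata", "spec"):  # the two 'replace' patch paths
        # to_string(), then replace_all(); the match is a case-sensitive
        # substring match, so keys, values and partial words all change.
        serialized = json.dumps(machineset[field])
        mutated[field] = json.loads(serialized.replace(PLACEHOLDER, infra_id))
    return mutated


def has_placeholder(obj: dict) -> bool:
    """True if any TEMPLATE marker is left anywhere in the object."""
    return PLACEHOLDER in json.dumps(obj)


if __name__ == "__main__":
    result = inject_infra_name(SAMPLE_MACHINESET, "demo-x7k2p")
    print(json.dumps(result, indent=2))
```

Because the substitution runs over the serialized /metadata and /spec, any uppercase TEMPLATE substring in an annotation, label key or user-data field is rewritten as well, while the lowercase spec.template key is left alone.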