新增learn-kubernetes（https://github.com/yyong-brs/learn-kubernetes）相关文件

learn/learn-kubernetes-master/kiamol/ch16/opa/constraints/production/containerProbes.yaml

@@ -0,0 +1,14 @@
+apiVersion: constraints.gatekeeper.sh/v1beta1
+kind: PolicyContainerProbes
+metadata:
+  name: container-probes
+spec:
+  match:
+    kinds:
+      - apiGroups: [""]
+        kinds: ["Pod"]
+    namespaces:
+      - "kiamol-ch16"
+  parameters:
+    probes: ["readinessProbe", "livenessProbe"]
+    probeTypes: ["tcpSocket", "httpGet", "exec"]

learn/learn-kubernetes-master/kiamol/ch16/opa/constraints/production/imageRepository.yaml

@@ -0,0 +1,14 @@
+apiVersion: constraints.gatekeeper.sh/v1beta1
+kind: PolicyImageRepository
+metadata:
+  name: image-repository
+spec:
+  match:
+    kinds:
+      - apiGroups: [""]
+        kinds: ["Pod"]
+    namespaces:
+      - "kiamol-ch16"
+  parameters:
+    repos:
+      - "kiamol"

learn/learn-kubernetes-master/kiamol/ch16/opa/constraints/production/resourceLimits.yaml

@@ -0,0 +1,11 @@
+apiVersion: constraints.gatekeeper.sh/v1beta1
+kind: PolicyResourceLimits
+metadata:
+  name: resource-limits
+spec:
+  match:
+    kinds:
+      - apiGroups: [""]
+        kinds: ["Pod"]
+    namespaces:
+      - "kiamol-ch16"

learn/learn-kubernetes-master/kiamol/ch16/opa/constraints/requiredLabels.yaml

@@ -0,0 +1,25 @@
+apiVersion: constraints.gatekeeper.sh/v1beta1
+kind: RequiredLabels
+metadata:
+  name: requiredlabels-kiamol
+spec:
+  match:
+    kinds:
+      - apiGroups: [""]
+        kinds: ["Service", "Deployment", "ConfigMap"]
+      - apiGroups: ["apps"]
+        kinds: ["Deployment"]
+  parameters:
+    labels: ["kiamol"]
+---
+apiVersion: constraints.gatekeeper.sh/v1beta1
+kind: RequiredLabels
+metadata:
+  name: requiredlabels-app
+spec:
+  match:
+    kinds:
+      - apiGroups: [""]
+        kinds: ["Pod"]
+  parameters:
+    labels: ["app", "version"]