CronJob-delete-kyveno-events.yaml

apiVersion: batch/v1
kind: CronJob
metadata:
  name: kyverno-events-cleanup
  namespace: openshift-ops # Infra-only-namespace
spec:
  schedule: "*/10 * * * *"
  concurrencyPolicy: Forbid #do not allow the creation of new job before the previous one had finished
  jobTemplate:
    spec:
      template:
        spec:
          serviceAccountName: my-cronjob-service-account # I have elevated privileges
          containers:
          - name: kyverno-events-cleanup
            image: quay.io/tamber/container-tools:latest #Hi that's my utility tool image!
            imagePullPolicy: IfNotPresent
            command:
            - /bin/sh
            - -c
            - | 
              for ns in $(oc get ns --no-headers | awk '{print $1}'); do 
                echo Namespace: $ns
                for name in $(oc get clusterpolicies.kyverno.io --no-headers | awk '{print $1}'); do 
                    oc get events -n $ns -o json | jq -r '.items[].metadata.name' | grep "^$name" | xargs -n 1 oc -n $ns delete event ;
                done ;
              done
              exit 0;
          restartPolicy: OnFailure