github/kubevela
1
0
Fork 0
mirror of https://github.com/kubevela/kubevela.git synced 2026-02-14 18:10:21 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
8597a122fbaa310b7409d67271d7db645e53b3f1
kubevela/charts/vela-core/templates/webhook.yaml
Ryan Zhang 8597a122fb add manual test for containerized and metricsTrait
2020-09-02 21:16:44 -07:00

138 lines
3.6 KiB
YAML
Raw Blame History

{{- if .Values.useWebhook -}}
---
apiVersion: admissionregistration.k8s.io/v1beta1
kind: MutatingWebhookConfiguration
metadata:
creationTimestamp: null
name: mutating-webhook-configuration
annotations:
cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ .Values.certificate.certificateName }}
webhooks:
- clientConfig:
caBundle: Cg==
service:
name: {{ template "kubevela.name" . }}-webhook
namespace: {{ .Release.Namespace }}
path: /mutate-standard-oam-dev-v1alpha1-metricstrait
failurePolicy: Fail
name: mmetricstrait.kb.io
rules:
- apiGroups:
- standard.oam.dev
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- metricstraits
- clientConfig:
caBundle: Cg==
service:
name: {{ template "kubevela.name" . }}-webhook
namespace: {{ .Release.Namespace }}
path: /mutate-standard-oam-dev-v1alpha1-containerized
failurePolicy: Fail
name: mcontainerized.kb.io
rules:
- apiGroups:
- standard.oam.dev
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- Containerized
---
apiVersion: admissionregistration.k8s.io/v1beta1
kind: ValidatingWebhookConfiguration
metadata:
creationTimestamp: null
name: validating-webhook-configuration
annotations:
cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ .Values.certificate.certificateName }}
webhooks:
- clientConfig:
caBundle: Cg==
service:
name: {{ template "kubevela.name" . }}-webhook
namespace: {{ .Release.Namespace }}
path: /validate-standard-oam-dev-v1alpha1-metricstrait
failurePolicy: Fail
name: vmetricstrait.kb.io
rules:
- apiGroups:
- standard.oam.dev
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
- DELETE
resources:
- metricstraits
- clientConfig:
caBundle: Cg==
service:
name: {{ template "kubevela.name" . }}-webhook
namespace: {{ .Release.Namespace }}
path: /validate-standard-oam-dev-v1alpha1-containerized
failurePolicy: Fail
name: vcontainerized.kb.io
rules:
- apiGroups:
- standard.oam.dev
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
- DELETE
resources:
- Containerized
---
apiVersion: v1
kind: Service
metadata:
name: {{ template "kubevela.name" . }}-webhook
labels:
{{- include "kubevela.labels" . | nindent 4 }}
spec:
type: {{ .Values.webhookService.type }}
ports:
- port: 443
targetPort: {{ .Values.webhookService.port }}
protocol: TCP
name: https
selector:
{{ include "kubevela.selectorLabels" . | nindent 6 }}
---
# The following manifests contain a self-signed issuer CR and a certificate CR.
# More document can be found at https://docs.cert-manager.io
apiVersion: cert-manager.io/v1alpha2
kind: Issuer
metadata:
name: {{ .Values.certificate.issuerName | quote }}
spec:
selfSigned: {}
---
apiVersion: cert-manager.io/v1alpha2
kind: Certificate
metadata:
name: {{ .Values.certificate.certificateName }}
spec:
dnsNames:
- {{ template "kubevela.name" . }}-webhook.{{ .Release.Namespace }}.svc
- {{ template "kubevela.name" . }}-webhook.{{ .Release.Namespace }}.svc.cluster.local
issuerRef:
kind: Issuer
name: {{ .Values.certificate.issuerName | default "selfsigned-issuer" | quote }}
secretName: {{ .Values.certificate.secretName | quote }}
---
{{- end -}}
Reference in New Issue View Git Blame Copy Permalink