agones.dev/agones@v1.53.0/install/helm/agones/templates/extensions.yaml (about) 1 # Copyright 2018 Google LLC All Rights Reserved. 2 # 3 # Licensed under the Apache License, Version 2.0 (the "License"); 4 # you may not use this file except in compliance with the License. 5 # You may obtain a copy of the License at 6 # 7 # http://www.apache.org/licenses/LICENSE-2.0 8 # 9 # Unless required by applicable law or agreed to in writing, software 10 # distributed under the License is distributed on an "AS IS" BASIS, 11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 # See the License for the specific language governing permissions and 13 # limitations under the License. 14 {{- $ca := genCA "admission-controller-ca" 3650 }} 15 {{- $cn := printf "agones-controller-service" }} 16 {{- $altName1 := printf "agones-controller-service.%s" .Release.Namespace }} 17 {{- $altName2 := printf "agones-controller-service.%s.svc" .Release.Namespace }} 18 {{- $cert := genSignedCert $cn nil (list $altName1 $altName2) 3650 $ca }} 19 --- 20 {{- if .Values.agones.registerApiService }} 21 apiVersion: apiregistration.k8s.io/v1 22 kind: APIService 23 metadata: 24 name: v1.allocation.agones.dev 25 labels: 26 component: controller 27 app: {{ template "agones.name" . }} 28 chart: {{ template "agones.chart" . }} 29 release: {{ .Release.Name }} 30 heritage: {{ .Release.Service }} 31 {{- $annotations := default .Values.agones.controller.allocationApiService.annotations .Values.agones.extensions.allocationApiService.annotations }} 32 {{- if $annotations }} 33 annotations: 34 {{- toYaml $annotations | nindent 4 }} 35 {{- end }} 36 spec: 37 group: allocation.agones.dev 38 groupPriorityMinimum: 1000 39 versionPriority: 15 40 service: 41 name: agones-controller-service 42 namespace: {{ .Release.Namespace }} 43 {{- if not (default .Values.agones.controller.allocationApiService.disableCaBundle .Values.agones.extensions.allocationApiService.disableCaBundle) }} 44 {{- if .Values.agones.controller.generateTLS }} 45 caBundle: {{ b64enc $ca.Cert }} 46 {{- else }} 47 caBundle: {{ default (.Files.Get "certs/server.crt") .Values.agones.controller.tlsCert | b64enc }} 48 {{- end }} 49 {{- end }} 50 version: v1 51 {{- end}} 52 {{- if .Values.agones.registerWebhooks }} 53 --- 54 apiVersion: admissionregistration.k8s.io/v1 55 kind: ValidatingWebhookConfiguration 56 metadata: 57 name: agones-validation-webhook 58 {{- if (default .Values.agones.controller.validatingWebhook.annotations .Values.agones.extensions.validatingWebhook.annotations) }} 59 annotations: 60 {{- toYaml .Values.agones.controller.validatingWebhook.annotations | nindent 4 }} 61 {{- end }} 62 labels: 63 component: controller 64 app: {{ template "agones.name" . }} 65 chart: {{ template "agones.chart" . }} 66 release: {{ .Release.Name }} 67 heritage: {{ .Release.Service }} 68 webhooks: 69 - name: validations.agones.dev 70 admissionReviewVersions: 71 - v1 72 sideEffects: None 73 failurePolicy: Fail 74 clientConfig: 75 service: 76 name: agones-controller-service 77 namespace: {{ .Release.Namespace }} 78 path: /validate 79 {{- if not (default .Values.agones.controller.validatingWebhook.disableCaBundle .Values.agones.extensions.validatingWebhook.disableCaBundle) }} 80 {{- if .Values.agones.controller.generateTLS }} 81 caBundle: {{ b64enc $ca.Cert }} 82 {{- else }} 83 caBundle: {{ default (.Files.Get "certs/server.crt") .Values.agones.controller.tlsCert | b64enc }} 84 {{- end }} 85 {{- end }} 86 rules: 87 - apiGroups: 88 - agones.dev 89 resources: 90 - "fleets" 91 - "gameservers" 92 - "gameserversets" 93 apiVersions: 94 - "v1" 95 operations: 96 - CREATE 97 - apiGroups: 98 - agones.dev 99 resources: 100 - "fleets" 101 - "gameserversets" 102 apiVersions: 103 - "v1" 104 operations: 105 - UPDATE 106 - apiGroups: 107 - autoscaling.agones.dev 108 resources: 109 - "fleetautoscalers" 110 apiVersions: 111 - "v1" 112 operations: 113 - CREATE 114 - UPDATE 115 116 --- 117 apiVersion: admissionregistration.k8s.io/v1 118 kind: MutatingWebhookConfiguration 119 metadata: 120 name: agones-mutation-webhook 121 {{- $annotations := default .Values.agones.controller.mutatingWebhook.annotations .Values.agones.extensions.mutatingWebhook.annotations }} 122 {{- if $annotations }} 123 annotations: 124 {{- toYaml $annotations | nindent 4 }} 125 {{- end }} 126 labels: 127 component: controller 128 app: {{ template "agones.name" . }} 129 chart: {{ template "agones.chart" . }} 130 release: {{ .Release.Name }} 131 heritage: {{ .Release.Service }} 132 webhooks: 133 - name: mutations.agones.dev 134 admissionReviewVersions: 135 - v1 136 sideEffects: None 137 failurePolicy: Fail 138 clientConfig: 139 service: 140 name: agones-controller-service 141 namespace: {{ .Release.Namespace }} 142 path: /mutate 143 {{- if not (default .Values.agones.controller.mutatingWebhook.disableCaBundle .Values.agones.extensions.mutatingWebhook.disableCaBundle) }} 144 {{- if .Values.agones.controller.generateTLS }} 145 caBundle: {{ b64enc $ca.Cert }} 146 {{- else }} 147 caBundle: {{ default (.Files.Get "certs/server.crt") .Values.agones.controller.tlsCert | b64enc }} 148 {{- end }} 149 {{- end }} 150 rules: 151 - apiGroups: 152 - agones.dev 153 resources: 154 - "gameservers" 155 - "fleets" 156 apiVersions: 157 - "v1" 158 operations: 159 - CREATE 160 - apiGroups: 161 - autoscaling.agones.dev 162 resources: 163 - "fleetautoscalers" 164 apiVersions: 165 - "v1" 166 operations: 167 - CREATE 168 - UPDATE 169 {{- end }} 170 {{- if not (default .Values.agones.controller.disableSecret .Values.agones.extensions.disableSecret) }} 171 --- 172 apiVersion: admissionregistration.k8s.io/v1 173 kind: MutatingWebhookConfiguration 174 metadata: 175 name: zzz-agones-mutation-webhook 176 {{- $annotations := default .Values.agones.controller.mutatingWebhook.annotations .Values.agones.extensions.mutatingWebhook.annotations }} 177 {{- if $annotations }} 178 annotations: 179 {{- toYaml $annotations | nindent 4 }} 180 {{- end }} 181 labels: 182 component: controller 183 app: {{ template "agones.name" . }} 184 chart: {{ template "agones.chart" . }} 185 release: {{ .Release.Name }} 186 heritage: {{ .Release.Service }} 187 webhooks: 188 - name: mutations.agones.dev 189 admissionReviewVersions: 190 - v1 191 sideEffects: None 192 failurePolicy: Fail 193 clientConfig: 194 service: 195 name: agones-controller-service 196 namespace: {{ .Release.Namespace }} 197 path: /mutate 198 {{- if not .Values.agones.controller.mutatingWebhook.disableCaBundle }} 199 {{- if .Values.agones.controller.generateTLS }} 200 caBundle: {{ b64enc $ca.Cert }} 201 {{- else }} 202 caBundle: {{ default (.Files.Get "certs/server.crt") .Values.agones.controller.tlsCert | b64enc }} 203 {{- end }} 204 {{- end }} 205 objectSelector: 206 matchLabels: 207 agones.dev/port: "autopilot-passthrough" 208 rules: 209 - apiGroups: 210 - "" 211 resources: 212 - "pods" 213 apiVersions: 214 - "v1" 215 operations: 216 - CREATE 217 {{- end }} 218 {{- if not .Values.agones.controller.disableSecret }} 219 --- 220 apiVersion: v1 221 kind: Secret 222 metadata: 223 name: {{ template "agones.fullname" . }}-cert 224 namespace: {{ .Release.Namespace }} 225 labels: 226 app: {{ template "agones.name" . }} 227 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 228 release: "{{ .Release.Name }}" 229 heritage: "{{ .Release.Service }}" 230 type: Opaque 231 data: 232 {{- if .Values.agones.controller.generateTLS }} 233 server.crt: {{ b64enc $cert.Cert }} 234 server.key: {{ b64enc $cert.Key }} 235 {{- else }} 236 server.crt: {{ default (.Files.Get "certs/server.crt") .Values.agones.controller.tlsCert | b64enc }} 237 server.key: {{ default (.Files.Get "certs/server.key") .Values.agones.controller.tlsKey | b64enc }} 238 {{- end }} 239 {{- end }}