github.com/replicatedcom/ship@v0.50.0/integration/init/istio/expected/base/charts/security/templates/configmap.yaml (about) 1 --- 2 # Source: istio/charts/security/templates/configmap.yaml 3 apiVersion: v1 4 kind: ConfigMap 5 metadata: 6 name: istio-security-custom-resources 7 namespace: default 8 labels: 9 app: security 10 chart: security 11 heritage: Tiller 12 release: istio 13 istio: citadel 14 data: 15 custom-resources.yaml: |- 16 # Authentication policy to enable permissive mode for all services (that have sidecar) in the mesh. 17 apiVersion: "authentication.istio.io/v1alpha1" 18 kind: "MeshPolicy" 19 metadata: 20 name: "default" 21 labels: 22 app: security 23 chart: security 24 heritage: Tiller 25 release: istio 26 spec: 27 peers: 28 - mtls: 29 mode: PERMISSIVE 30 run.sh: |- 31 #!/bin/sh 32 33 set -x 34 35 if [ "$#" -ne "1" ]; then 36 echo "first argument should be path to custom resource yaml" 37 exit 1 38 fi 39 40 pathToResourceYAML=${1} 41 42 kubectl get validatingwebhookconfiguration istio-galley 2>/dev/null 43 if [ "$?" -eq 0 ]; then 44 echo "istio-galley validatingwebhookconfiguration found - waiting for istio-galley deployment to be ready" 45 while true; do 46 kubectl -n default get deployment istio-galley 2>/dev/null 47 if [ "$?" -eq 0 ]; then 48 break 49 fi 50 sleep 1 51 done 52 kubectl -n default rollout status deployment istio-galley 53 if [ "$?" -ne 0 ]; then 54 echo "istio-galley deployment rollout status check failed" 55 exit 1 56 fi 57 echo "istio-galley deployment ready for configuration validation" 58 fi 59 sleep 5 60 kubectl apply -f ${pathToResourceYAML} 61