github.com/verrazzano/verrazzano@v1.7.0/platform-operator/capi/addon-verrazzano/v1.0.0/addon-components.yaml (about) 1 # Copyright (c) 2023, Oracle and/or its affiliates. 2 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. 3 4 apiVersion: v1 5 kind: Namespace 6 metadata: 7 labels: 8 cluster.x-k8s.io/provider: verrazzano-fleet 9 control-plane: controller-manager 10 name: caapv-system 11 --- 12 apiVersion: apiextensions.k8s.io/v1 13 kind: CustomResourceDefinition 14 metadata: 15 annotations: 16 cert-manager.io/inject-ca-from: caapv-system/caapv-serving-cert 17 controller-gen.kubebuilder.io/version: v0.10.0 18 labels: 19 cluster.x-k8s.io/provider: verrazzano-fleet 20 name: verrazzanofleetbindings.addons.cluster.x-k8s.io 21 spec: 22 conversion: 23 strategy: Webhook 24 webhook: 25 clientConfig: 26 service: 27 name: caapv-webhook-service 28 namespace: caapv-system 29 path: /convert 30 conversionReviewVersions: 31 - v1 32 group: addons.cluster.x-k8s.io 33 names: 34 categories: 35 - cluster-api 36 kind: VerrazzanoFleetBinding 37 listKind: VerrazzanoFleetBindingList 38 plural: verrazzanofleetbindings 39 shortNames: 40 - vfb 41 - vfbs 42 singular: verrazzanofleetbinding 43 scope: Namespaced 44 versions: 45 - additionalPrinterColumns: 46 - description: Cluster to which this VerrazzanoFleetBinding belongs 47 jsonPath: .spec.clusterRef.name 48 name: Cluster 49 type: string 50 - jsonPath: .status.conditions[?(@.type=='Ready')].status 51 name: Ready 52 type: string 53 - jsonPath: .status.conditions[?(@.type=='Ready')].reason 54 name: Reason 55 priority: 1 56 type: string 57 - jsonPath: .status.conditions[?(@.type=='Ready')].message 58 name: Message 59 priority: 1 60 type: string 61 - jsonPath: .status.conditions[?(@.type=='VerrazzanoOperatorReady')].status 62 name: Operator 63 priority: 1 64 type: string 65 - jsonPath: .status.revision 66 name: Revision 67 priority: 1 68 type: string 69 - jsonPath: .status.verrazzano.state 70 name: Verrazzano 71 priority: 1 72 type: string 73 - description: Time duration since creation of VerrazzanoFleet 74 jsonPath: .metadata.creationTimestamp 75 name: Age 76 type: date 77 name: v1alpha1 78 schema: 79 openAPIV3Schema: 80 description: VerrazzanoFleetBinding is the Schema for the verrazzanofleetbindings 81 API 82 properties: 83 apiVersion: 84 description: 'APIVersion defines the versioned schema of this representation 85 of an object. Servers should convert recognized schemas to the latest 86 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 87 type: string 88 kind: 89 description: 'Kind is a string value representing the REST resource this 90 object represents. Servers may infer this from the endpoint the client 91 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 92 type: string 93 metadata: 94 type: object 95 spec: 96 description: VerrazzanoFleetBindingSpec defines the desired state of VerrazzanoFleetBinding. 97 properties: 98 clusterRef: 99 description: ClusterRef is a reference to the Cluster to install the 100 Helm release on. 101 properties: 102 apiVersion: 103 description: API version of the referent. 104 type: string 105 fieldPath: 106 description: 'If referring to a piece of an object instead of 107 an entire object, this string should contain a valid JSON/Go 108 field access statement, such as desiredState.manifest.containers[2]. 109 For example, if the object reference is to a container within 110 a pod, this would take on a value like: "spec.containers{name}" 111 (where "name" refers to the name of the container that triggered 112 the event) or if no container name is specified "spec.containers[2]" 113 (container with index 2 in this pod). This syntax is chosen 114 only to have some well-defined way of referencing a part of 115 an object. TODO: this design is not final and this field is 116 subject to change in the future.' 117 type: string 118 kind: 119 description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 120 type: string 121 name: 122 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 123 type: string 124 namespace: 125 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' 126 type: string 127 resourceVersion: 128 description: 'Specific resourceVersion to which this reference 129 is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' 130 type: string 131 uid: 132 description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' 133 type: string 134 type: object 135 x-kubernetes-map-type: atomic 136 image: 137 description: Image is used to set various attributes regarding a specific 138 module. If not set, they are set as per the ImageMeta definitions. 139 properties: 140 pullPolicy: 141 description: PullPolicy allows to specify an image pull policy 142 for the container images. if not set, the PullPolicy is IfNotPresent. 143 type: string 144 repository: 145 description: Repository sets the container registry to pull images 146 from. if not set, the Repository defined in OCNEMeta will be 147 used instead. 148 type: string 149 tag: 150 description: Tag allows to specify a tag for the image. if not 151 set, the Tag defined in OCNEMeta will be used instead. 152 type: string 153 type: object 154 imagePullSecrets: 155 description: ImagePullSecrets allows to specify secrets if the image 156 is being pulled from an authenticated private registry. if not set, 157 it will be assumed the images are public. 158 items: 159 properties: 160 name: 161 description: Name is name of the secret to be used as image 162 pull secret 163 type: string 164 type: object 165 type: array 166 privateRegistry: 167 description: PrivateRegistry sets the private registry settings for 168 installing Verrazzano. 169 properties: 170 enabled: 171 description: Enabled sets a flag to determine if a private registry 172 will be used when installing Verrazzano. if not set, the Enabled 173 is set to false. 174 type: boolean 175 type: object 176 verrazzano: 177 description: Verrazzano is a verrazzano spec for installation on remote 178 cluster. 179 properties: 180 spec: 181 type: object 182 x-kubernetes-preserve-unknown-fields: true 183 required: 184 - spec 185 type: object 186 required: 187 - clusterRef 188 - verrazzano 189 type: object 190 status: 191 description: VerrazzanoFleetBindingStatus defines the observed state of 192 VerrazzanoFleetBinding. 193 properties: 194 conditions: 195 description: Conditions defines current state of the VerrazzanoFleetBinding. 196 items: 197 description: Condition defines an observation of a Cluster API resource 198 operational state. 199 properties: 200 lastTransitionTime: 201 description: Last time the condition transitioned from one status 202 to another. This should be when the underlying condition changed. 203 If that is not known, then using the time when the API field 204 changed is acceptable. 205 format: date-time 206 type: string 207 message: 208 description: A human readable message indicating details about 209 the transition. This field may be empty. 210 type: string 211 reason: 212 description: The reason for the condition's last transition 213 in CamelCase. The specific API may choose whether or not this 214 field is considered a guaranteed API. This field may not be 215 empty. 216 type: string 217 severity: 218 description: Severity provides an explicit classification of 219 Reason code, so the users or machines can immediately understand 220 the current situation and act accordingly. The Severity field 221 MUST be set only when Status=False. 222 type: string 223 status: 224 description: Status of the condition, one of True, False, Unknown. 225 type: string 226 type: 227 description: Type of condition in CamelCase or in foo.example.com/CamelCase. 228 Many .condition.type values are consistent across resources 229 like Available, but because arbitrary conditions can be useful 230 (see .node.status.conditions), the ability to deconflict is 231 important. 232 type: string 233 required: 234 - lastTransitionTime 235 - status 236 - type 237 type: object 238 type: array 239 revision: 240 description: Revision is the current revision of the Helm release. 241 type: integer 242 status: 243 description: Status is the current status of the Helm release. 244 type: string 245 verrazzano: 246 description: VerrazzanoStatus objects displays verrazzano specific 247 status 248 properties: 249 componentsAvailable: 250 description: ComponentsAvailable displays the health of Verrazzano 251 component 252 type: string 253 state: 254 description: Stats depicts the state of the Verrazzano installed 255 on the cluster. 256 type: string 257 version: 258 description: Version depicts the version of Verrazzano installed 259 on the cluster. 260 type: string 261 type: object 262 type: object 263 type: object 264 served: true 265 storage: true 266 subresources: 267 status: {} 268 --- 269 apiVersion: apiextensions.k8s.io/v1 270 kind: CustomResourceDefinition 271 metadata: 272 annotations: 273 cert-manager.io/inject-ca-from: caapv-system/caapv-serving-cert 274 controller-gen.kubebuilder.io/version: v0.10.0 275 labels: 276 cluster.x-k8s.io/provider: verrazzano-fleet 277 name: verrazzanofleets.addons.cluster.x-k8s.io 278 spec: 279 conversion: 280 strategy: Webhook 281 webhook: 282 clientConfig: 283 service: 284 name: caapv-webhook-service 285 namespace: caapv-system 286 path: /convert 287 conversionReviewVersions: 288 - v1 289 group: addons.cluster.x-k8s.io 290 names: 291 categories: 292 - cluster-api 293 kind: VerrazzanoFleet 294 listKind: VerrazzanoFleetList 295 plural: verrazzanofleets 296 shortNames: 297 - vf 298 - vfs 299 singular: verrazzanofleet 300 scope: Namespaced 301 versions: 302 - additionalPrinterColumns: 303 - jsonPath: .status.conditions[?(@.type=='Ready')].status 304 name: Ready 305 type: string 306 - jsonPath: .status.conditions[?(@.type=='Ready')].reason 307 name: Reason 308 type: string 309 - jsonPath: .status.conditions[?(@.type=='Ready')].message 310 name: Message 311 priority: 1 312 type: string 313 - description: Time duration since creation of VerrazzanoFleet 314 jsonPath: .metadata.creationTimestamp 315 name: Age 316 type: date 317 name: v1alpha1 318 schema: 319 openAPIV3Schema: 320 description: VerrazzanoFleet is the Schema for the verrazzanofleets API 321 properties: 322 apiVersion: 323 description: 'APIVersion defines the versioned schema of this representation 324 of an object. Servers should convert recognized schemas to the latest 325 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 326 type: string 327 kind: 328 description: 'Kind is a string value representing the REST resource this 329 object represents. Servers may infer this from the endpoint the client 330 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 331 type: string 332 metadata: 333 type: object 334 spec: 335 description: VerrazzanoFleetSpec defines the desired state of VerrazzanoFleet. 336 properties: 337 clusterSelector: 338 description: ClusterSelector selects a single Cluster in the same 339 namespace with specified cluster name. 340 properties: 341 name: 342 description: Name is name cluster where verrazzano will be installed 343 type: string 344 type: object 345 image: 346 description: Image is used to set various attributes regarding a specific 347 module. If not set, they are set as per the ImageMeta definitions. 348 properties: 349 pullPolicy: 350 description: PullPolicy allows to specify an image pull policy 351 for the container images. if not set, the PullPolicy is IfNotPresent. 352 type: string 353 repository: 354 description: Repository sets the container registry to pull images 355 from. if not set, the Repository defined in OCNEMeta will be 356 used instead. 357 type: string 358 tag: 359 description: Tag allows to specify a tag for the image. if not 360 set, the Tag defined in OCNEMeta will be used instead. 361 type: string 362 type: object 363 imagePullSecrets: 364 description: ImagePullSecrets allows to specify secrets if the image 365 is being pulled from an authenticated private registry. if not set, 366 it will be assumed the images are public. 367 items: 368 properties: 369 name: 370 description: Name is name of the secret to be used as image 371 pull secret 372 type: string 373 type: object 374 type: array 375 privateRegistry: 376 description: PrivateRegistry sets the private registry settings for 377 installing Verrazzano. 378 properties: 379 enabled: 380 description: Enabled sets a flag to determine if a private registry 381 will be used when installing Verrazzano. if not set, the Enabled 382 is set to false. 383 type: boolean 384 type: object 385 verrazzano: 386 description: Verrazzano is a verrazzano spec for installation on remote 387 cluster. 388 properties: 389 spec: 390 type: object 391 x-kubernetes-preserve-unknown-fields: true 392 required: 393 - spec 394 type: object 395 required: 396 - clusterSelector 397 - verrazzano 398 type: object 399 status: 400 description: VerrazzanoFleetStatus defines the observed state of VerrazzanoFleet. 401 properties: 402 conditions: 403 description: Conditions defines current state of the VerrazzanoFleet. 404 items: 405 description: Condition defines an observation of a Cluster API resource 406 operational state. 407 properties: 408 lastTransitionTime: 409 description: Last time the condition transitioned from one status 410 to another. This should be when the underlying condition changed. 411 If that is not known, then using the time when the API field 412 changed is acceptable. 413 format: date-time 414 type: string 415 message: 416 description: A human readable message indicating details about 417 the transition. This field may be empty. 418 type: string 419 reason: 420 description: The reason for the condition's last transition 421 in CamelCase. The specific API may choose whether or not this 422 field is considered a guaranteed API. This field may not be 423 empty. 424 type: string 425 severity: 426 description: Severity provides an explicit classification of 427 Reason code, so the users or machines can immediately understand 428 the current situation and act accordingly. The Severity field 429 MUST be set only when Status=False. 430 type: string 431 status: 432 description: Status of the condition, one of True, False, Unknown. 433 type: string 434 type: 435 description: Type of condition in CamelCase or in foo.example.com/CamelCase. 436 Many .condition.type values are consistent across resources 437 like Available, but because arbitrary conditions can be useful 438 (see .node.status.conditions), the ability to deconflict is 439 important. 440 type: string 441 required: 442 - lastTransitionTime 443 - status 444 - type 445 type: object 446 type: array 447 type: object 448 type: object 449 served: true 450 storage: true 451 subresources: 452 status: {} 453 --- 454 apiVersion: v1 455 kind: ServiceAccount 456 metadata: 457 labels: 458 cluster.x-k8s.io/provider: verrazzano-fleet 459 name: caapv-controller-manager 460 namespace: caapv-system 461 --- 462 apiVersion: rbac.authorization.k8s.io/v1 463 kind: Role 464 metadata: 465 labels: 466 cluster.x-k8s.io/provider: verrazzano-fleet 467 name: caapv-leader-election-role 468 namespace: caapv-system 469 rules: 470 - apiGroups: 471 - "" 472 resources: 473 - configmaps 474 verbs: 475 - get 476 - list 477 - watch 478 - create 479 - update 480 - patch 481 - delete 482 - apiGroups: 483 - coordination.k8s.io 484 resources: 485 - leases 486 verbs: 487 - get 488 - list 489 - watch 490 - create 491 - update 492 - patch 493 - delete 494 - apiGroups: 495 - "" 496 resources: 497 - events 498 verbs: 499 - create 500 - patch 501 --- 502 apiVersion: rbac.authorization.k8s.io/v1 503 kind: ClusterRole 504 metadata: 505 creationTimestamp: null 506 labels: 507 cluster.x-k8s.io/provider: verrazzano-fleet 508 name: caapv-manager-role 509 rules: 510 - apiGroups: 511 - "" 512 resources: 513 - namespaces 514 verbs: 515 - list 516 - apiGroups: 517 - "" 518 resources: 519 - secrets 520 verbs: 521 - get 522 - list 523 - watch 524 - apiGroups: 525 - addons.cluster.x-k8s.io 526 resources: 527 - verrazzanofleetbindings 528 verbs: 529 - create 530 - delete 531 - get 532 - list 533 - patch 534 - update 535 - watch 536 - apiGroups: 537 - addons.cluster.x-k8s.io 538 resources: 539 - verrazzanofleetbindings/finalizers 540 verbs: 541 - update 542 - apiGroups: 543 - addons.cluster.x-k8s.io 544 resources: 545 - verrazzanofleetbindings/status 546 verbs: 547 - get 548 - patch 549 - update 550 - apiGroups: 551 - addons.cluster.x-k8s.io 552 resources: 553 - verrazzanofleets 554 verbs: 555 - create 556 - delete 557 - get 558 - list 559 - patch 560 - update 561 - watch 562 - apiGroups: 563 - addons.cluster.x-k8s.io 564 resources: 565 - verrazzanofleets/finalizers 566 verbs: 567 - update 568 - apiGroups: 569 - addons.cluster.x-k8s.io 570 resources: 571 - verrazzanofleets/status 572 verbs: 573 - get 574 - patch 575 - update 576 - apiGroups: 577 - apiextensions.k8s.io 578 resources: 579 - customresourcedefinitions 580 verbs: 581 - get 582 - watch 583 - apiGroups: 584 - bootstrap.cluster.x-k8s.io 585 - clusterctl.cluster.x-k8s.io 586 - controlplane.cluster.x-k8s.io 587 - infrastructure.cluster.x-k8s.io 588 resources: 589 - '*' 590 verbs: 591 - get 592 - list 593 - watch 594 - apiGroups: 595 - cluster.x-k8s.io 596 resources: 597 - clusters 598 verbs: 599 - get 600 - list 601 - watch 602 - apiGroups: 603 - cluster.x-k8s.io 604 resources: 605 - secrets 606 verbs: 607 - get 608 - list 609 - watch 610 - apiGroups: 611 - controlplane.cluster.x-k8s.io 612 resources: 613 - kubeadmcontrolplanes 614 verbs: 615 - get 616 - list 617 - watch 618 - apiGroups: 619 - "" 620 resources: 621 - configmaps 622 verbs: 623 - create 624 - get 625 - list 626 - patch 627 - update 628 - watch 629 - apiGroups: 630 - install.verrazzano.io 631 resources: 632 - verrazzanos 633 verbs: 634 - get 635 - list 636 - watch 637 --- 638 apiVersion: rbac.authorization.k8s.io/v1 639 kind: ClusterRole 640 metadata: 641 labels: 642 cluster.x-k8s.io/provider: verrazzano-fleet 643 name: caapv-metrics-reader 644 rules: 645 - nonResourceURLs: 646 - /metrics 647 verbs: 648 - get 649 --- 650 apiVersion: rbac.authorization.k8s.io/v1 651 kind: ClusterRole 652 metadata: 653 labels: 654 cluster.x-k8s.io/provider: verrazzano-fleet 655 name: caapv-proxy-role 656 rules: 657 - apiGroups: 658 - authentication.k8s.io 659 resources: 660 - tokenreviews 661 verbs: 662 - create 663 - apiGroups: 664 - authorization.k8s.io 665 resources: 666 - subjectaccessreviews 667 verbs: 668 - create 669 --- 670 apiVersion: rbac.authorization.k8s.io/v1 671 kind: RoleBinding 672 metadata: 673 labels: 674 cluster.x-k8s.io/provider: verrazzano-fleet 675 name: caapv-leader-election-rolebinding 676 namespace: caapv-system 677 roleRef: 678 apiGroup: rbac.authorization.k8s.io 679 kind: Role 680 name: caapv-leader-election-role 681 subjects: 682 - kind: ServiceAccount 683 name: caapv-controller-manager 684 namespace: caapv-system 685 --- 686 apiVersion: rbac.authorization.k8s.io/v1 687 kind: ClusterRoleBinding 688 metadata: 689 labels: 690 cluster.x-k8s.io/provider: verrazzano-fleet 691 name: caapv-manager-rolebinding 692 roleRef: 693 apiGroup: rbac.authorization.k8s.io 694 kind: ClusterRole 695 name: caapv-manager-role 696 subjects: 697 - kind: ServiceAccount 698 name: caapv-controller-manager 699 namespace: caapv-system 700 --- 701 apiVersion: rbac.authorization.k8s.io/v1 702 kind: ClusterRoleBinding 703 metadata: 704 labels: 705 cluster.x-k8s.io/provider: verrazzano-fleet 706 name: caapv-proxy-rolebinding 707 roleRef: 708 apiGroup: rbac.authorization.k8s.io 709 kind: ClusterRole 710 name: caapv-proxy-role 711 subjects: 712 - kind: ServiceAccount 713 name: caapv-controller-manager 714 namespace: caapv-system 715 --- 716 apiVersion: v1 717 data: 718 controller_manager_config.yaml: | 719 apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 720 kind: ControllerManagerConfig 721 health: 722 healthProbeBindAddress: :8081 723 metrics: 724 bindAddress: 127.0.0.1:8080 725 webhook: 726 port: 9443 727 leaderElection: 728 leaderElect: true 729 resourceName: 5a2dee3e.cluster.x-k8s.io 730 kind: ConfigMap 731 metadata: 732 labels: 733 cluster.x-k8s.io/provider: verrazzano-fleet 734 name: caapv-manager-config 735 namespace: caapv-system 736 --- 737 apiVersion: v1 738 kind: Service 739 metadata: 740 labels: 741 cluster.x-k8s.io/provider: verrazzano-fleet 742 control-plane: controller-manager 743 name: caapv-controller-manager-metrics-service 744 namespace: caapv-system 745 spec: 746 ports: 747 - name: https 748 port: 8443 749 protocol: TCP 750 targetPort: https 751 selector: 752 cluster.x-k8s.io/provider: verrazzano-fleet 753 control-plane: controller-manager 754 --- 755 apiVersion: v1 756 kind: Service 757 metadata: 758 labels: 759 cluster.x-k8s.io/provider: verrazzano-fleet 760 name: caapv-webhook-service 761 namespace: caapv-system 762 spec: 763 ports: 764 - port: 443 765 protocol: TCP 766 targetPort: 9443 767 selector: 768 cluster.x-k8s.io/provider: verrazzano-fleet 769 control-plane: controller-manager 770 --- 771 apiVersion: apps/v1 772 kind: Deployment 773 metadata: 774 labels: 775 cluster.x-k8s.io/provider: verrazzano-fleet 776 control-plane: controller-manager 777 name: caapv-controller-manager 778 namespace: caapv-system 779 spec: 780 replicas: 1 781 selector: 782 matchLabels: 783 cluster.x-k8s.io/provider: verrazzano-fleet 784 control-plane: controller-manager 785 template: 786 metadata: 787 annotations: 788 kubectl.kubernetes.io/default-container: manager 789 labels: 790 cluster.x-k8s.io/provider: verrazzano-fleet 791 control-plane: controller-manager 792 spec: 793 containers: 794 - args: 795 - --leader-elect 796 env: 797 - name: POD_NAMESPACE 798 valueFrom: 799 fieldRef: 800 fieldPath: metadata.namespace 801 image: ghcr.io/verrazzano/cluster-api-verrazzano-addon-controller:20230928185148-24160e8 802 imagePullPolicy: Always 803 livenessProbe: 804 httpGet: 805 path: /healthz 806 port: 8081 807 initialDelaySeconds: 15 808 periodSeconds: 20 809 name: manager 810 ports: 811 - containerPort: 9443 812 name: webhook-server 813 protocol: TCP 814 readinessProbe: 815 httpGet: 816 path: /readyz 817 port: 8081 818 initialDelaySeconds: 5 819 periodSeconds: 10 820 volumeMounts: 821 - mountPath: /tmp/k8s-webhook-server/serving-certs 822 name: cert 823 readOnly: true 824 serviceAccountName: caapv-controller-manager 825 terminationGracePeriodSeconds: 10 826 volumes: 827 - name: cert 828 secret: 829 defaultMode: 420 830 secretName: webhook-server-cert 831 --- 832 apiVersion: cert-manager.io/v1 833 kind: Certificate 834 metadata: 835 labels: 836 cluster.x-k8s.io/provider: verrazzano-fleet 837 name: caapv-serving-cert 838 namespace: caapv-system 839 spec: 840 dnsNames: 841 - caapv-webhook-service.caapv-system.svc 842 - caapv-webhook-service.caapv-system.svc.cluster.local 843 issuerRef: 844 kind: Issuer 845 name: caapv-selfsigned-issuer 846 secretName: webhook-server-cert 847 --- 848 apiVersion: cert-manager.io/v1 849 kind: Issuer 850 metadata: 851 labels: 852 cluster.x-k8s.io/provider: verrazzano-fleet 853 name: caapv-selfsigned-issuer 854 namespace: caapv-system 855 spec: 856 selfSigned: {} 857 --- 858 apiVersion: admissionregistration.k8s.io/v1 859 kind: MutatingWebhookConfiguration 860 metadata: 861 annotations: 862 cert-manager.io/inject-ca-from: caapv-system/caapv-serving-cert 863 labels: 864 cluster.x-k8s.io/provider: verrazzano-fleet 865 name: caapv-mutating-webhook-configuration 866 webhooks: 867 - admissionReviewVersions: 868 - v1 869 clientConfig: 870 service: 871 name: caapv-webhook-service 872 namespace: caapv-system 873 path: /mutate-addons-cluster-x-k8s-io-v1alpha1-verrazzanofleet 874 failurePolicy: Fail 875 name: verrazzanofleet.x-k8s.io 876 rules: 877 - apiGroups: 878 - addons.cluster.x-k8s.io 879 apiVersions: 880 - v1alpha1 881 operations: 882 - CREATE 883 - UPDATE 884 resources: 885 - verrazzanofleets 886 sideEffects: None 887 - admissionReviewVersions: 888 - v1 889 clientConfig: 890 service: 891 name: caapv-webhook-service 892 namespace: caapv-system 893 path: /mutate-addons-cluster-x-k8s-io-v1alpha1-verrazzanofleetbinding 894 failurePolicy: Fail 895 name: verrazzanofleetbinding.x-k8s.io 896 rules: 897 - apiGroups: 898 - addons.cluster.x-k8s.io 899 apiVersions: 900 - v1alpha1 901 operations: 902 - CREATE 903 - UPDATE 904 resources: 905 - verrazzanofleetbindings 906 sideEffects: None 907 --- 908 apiVersion: admissionregistration.k8s.io/v1 909 kind: ValidatingWebhookConfiguration 910 metadata: 911 annotations: 912 cert-manager.io/inject-ca-from: caapv-system/caapv-serving-cert 913 labels: 914 cluster.x-k8s.io/provider: verrazzano-fleet 915 name: caapv-validating-webhook-configuration 916 webhooks: 917 - admissionReviewVersions: 918 - v1 919 clientConfig: 920 service: 921 name: caapv-webhook-service 922 namespace: caapv-system 923 path: /validate-addons-cluster-x-k8s-io-v1alpha1-verrazzanofleet 924 failurePolicy: Fail 925 name: verrazzanofleet.x-k8s.io 926 rules: 927 - apiGroups: 928 - addons.cluster.x-k8s.io 929 apiVersions: 930 - v1alpha1 931 operations: 932 - CREATE 933 - UPDATE 934 resources: 935 - verrazzanofleets 936 sideEffects: None 937 - admissionReviewVersions: 938 - v1 939 clientConfig: 940 service: 941 name: caapv-webhook-service 942 namespace: caapv-system 943 path: /validate-addons-cluster-x-k8s-io-v1alpha1-verrazzanofleetbinding 944 failurePolicy: Fail 945 name: verrazzanofleetbinding.x-k8s.io 946 rules: 947 - apiGroups: 948 - addons.cluster.x-k8s.io 949 apiVersions: 950 - v1alpha1 951 operations: 952 - CREATE 953 - UPDATE 954 resources: 955 - verrazzanofleetbindings 956 sideEffects: None