github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/oam-kubernetes-runtime/templates/webhook.yaml (about) 1 {{- if .Values.useWebhook -}} 2 --- 3 apiVersion: admissionregistration.k8s.io/v1 4 kind: ValidatingWebhookConfiguration 5 metadata: 6 name: {{ include "oam-kubernetes-runtime.fullname" . }} 7 labels: 8 {{- include "oam-kubernetes-runtime.selectorLabels" . | nindent 4 }} 9 webhooks: 10 - name: "validate.applicationconfigurations.core.oam.dev" 11 rules: 12 - apiGroups: ["core.oam.dev"] 13 apiVersions: ["v1alpha2"] 14 operations: ["CREATE", "UPDATE"] 15 resources: ["applicationconfigurations"] 16 scope: "Namespaced" 17 clientConfig: 18 service: 19 namespace: {{.Release.Namespace}} 20 name: {{ template "oam-kubernetes-runtime.name" . }}-webhook 21 path: /validating-core-oam-dev-v1alpha2-applicationconfigurations 22 caBundle: "{{.Values.certificate.caBundle}}" 23 admissionReviewVersions: ["v1"] 24 failurePolicy: Fail 25 timeoutSeconds: 5 26 sideEffects: None 27 - name: "validate.component.core.oam.dev" 28 clientConfig: 29 service: 30 name: {{ template "oam-kubernetes-runtime.name" . }}-webhook 31 namespace: {{.Release.Namespace}} 32 path: /validating-core-oam-dev-v1alpha2-components 33 caBundle: "{{.Values.certificate.caBundle}}" 34 rules: 35 - apiGroups: ["core.oam.dev"] 36 apiVersions: ["v1alpha2"] 37 operations: ["CREATE", "UPDATE"] 38 resources: ["components"] 39 scope: "Namespaced" 40 admissionReviewVersions: 41 - v1 42 failurePolicy: Fail 43 timeoutSeconds: 5 44 matchPolicy: Exact 45 sideEffects: None 46 --- 47 apiVersion: admissionregistration.k8s.io/v1 48 kind: MutatingWebhookConfiguration 49 metadata: 50 name: {{ include "oam-kubernetes-runtime.fullname" . }} 51 labels: 52 {{- include "oam-kubernetes-runtime.selectorLabels" . | nindent 4 }} 53 webhooks: 54 - name: "mutate.applicationconfigurations.core.oam.dev" 55 clientConfig: 56 service: 57 name: {{ template "oam-kubernetes-runtime.name" . }}-webhook 58 namespace: {{.Release.Namespace}} 59 path: /mutating-core-oam-dev-v1alpha2-applicationconfigurations 60 caBundle: "{{.Values.certificate.caBundle}}" 61 rules: 62 - apiGroups: ["core.oam.dev"] 63 apiVersions: ["v1alpha2"] 64 operations: ["CREATE", "UPDATE"] 65 resources: ["applicationconfigurations"] 66 scope: "Namespaced" 67 admissionReviewVersions: ["v1"] 68 failurePolicy: Fail 69 timeoutSeconds: 5 70 sideEffects: Unknown 71 - name: "mutate.component.core.oam.dev" 72 clientConfig: 73 service: 74 name: {{ template "oam-kubernetes-runtime.name" . }}-webhook 75 namespace: {{.Release.Namespace}} 76 path: /mutating-core-oam-dev-v1alpha2-components 77 caBundle: "{{.Values.certificate.caBundle}}" 78 rules: 79 - apiGroups: ["core.oam.dev"] 80 apiVersions: ["v1alpha2"] 81 operations: ["CREATE", "UPDATE"] 82 resources: ["components"] 83 scope: "Namespaced" 84 failurePolicy: Fail 85 timeoutSeconds: 5 86 sideEffects: None 87 matchPolicy: Exact 88 admissionReviewVersions: 89 - v1 90 --- 91 apiVersion: v1 92 kind: Service 93 metadata: 94 name: {{ template "oam-kubernetes-runtime.name" . }}-webhook 95 labels: 96 {{- include "oam-kubernetes-runtime.selectorLabels" . | nindent 4 }} 97 spec: 98 type: {{ .Values.webhookService.type }} 99 ports: 100 - port: 443 101 targetPort: {{ .Values.webhookService.port }} 102 protocol: TCP 103 name: https 104 selector: 105 {{ include "oam-kubernetes-runtime.selectorLabels" . | nindent 6 }} 106 107 {{- end -}}