open-cluster-management.io/governance-policy-propagator@v0.13.0/deploy/manager/manager.yaml (about) 1 --- 2 apiVersion: apps/v1 3 kind: Deployment 4 metadata: 5 labels: 6 webhook-origin: governance-policy-propagator 7 name: governance-policy-propagator 8 spec: 9 replicas: 1 10 selector: 11 matchLabels: 12 name: governance-policy-propagator 13 webhook-origin: governance-policy-propagator 14 template: 15 metadata: 16 annotations: 17 kubectl.kubernetes.io/default-container: governance-policy-propagator 18 labels: 19 name: governance-policy-propagator 20 webhook-origin: governance-policy-propagator 21 spec: 22 serviceAccountName: governance-policy-propagator 23 containers: 24 - name: governance-policy-propagator 25 image: quay.io/open-cluster-management/governance-policy-propagator:latest 26 command: 27 - governance-policy-propagator 28 args: 29 - "--health-probe-bind-address=:8081" 30 - "--metrics-bind-address=:8383" 31 - "--leader-elect" 32 - "--compliance-history-api-host=0.0.0.0" 33 ports: 34 - containerPort: 8383 35 protocol: TCP 36 name: http 37 - containerPort: 8384 38 protocol: TCP 39 name: compliance-api 40 - containerPort: 9443 41 protocol: TCP 42 name: webhook-http 43 imagePullPolicy: Always 44 volumeMounts: 45 - mountPath: /tmp/k8s-webhook-server/serving-certs 46 name: cert 47 readOnly: true 48 env: 49 - name: WATCH_NAMESPACE 50 value: "" 51 - name: POD_NAME 52 valueFrom: 53 fieldRef: 54 fieldPath: metadata.name 55 - name: OPERATOR_NAME 56 value: "governance-policy-propagator" 57 - name: WATCH_NAMESPACE_COMPLIANCE_EVENTS_STORE 58 valueFrom: 59 fieldRef: 60 fieldPath: metadata.namespace 61 volumes: 62 - name: cert 63 secret: 64 defaultMode: 420 65 secretName: propagator-webhook-server-cert 66 --- 67 apiVersion: v1 68 kind: Service 69 metadata: 70 name: governance-compliance-api 71 spec: 72 ports: 73 - port: 8384 74 protocol: TCP 75 targetPort: 8384 76 selector: 77 name: governance-policy-propagator