charts/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml - pcloud - Gitiles

 {{- if and .Values.controller.admissionWebhooks.enabled .Values.controller.admissionWebhooks.patch.enabled (not .Values.controller.admissionWebhooks.certManager.enabled) -}}
 apiVersion: batch/v1
 kind: Job
 metadata:
   name: {{ include "ingress-nginx.fullname" . }}-admission-create
   namespace: {{ .Release.Namespace }}
   annotations:
     "helm.sh/hook": pre-install,pre-upgrade
     "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
     {{- with .Values.controller.admissionWebhooks.annotations }}
     {{- toYaml . | nindent 4 }}
     {{- end }}
   labels:
     {{- include "ingress-nginx.labels" . | nindent 4 }}
     app.kubernetes.io/component: admission-webhook
     {{- with .Values.controller.admissionWebhooks.patch.labels }}
     {{- toYaml . | nindent 4 }}
     {{- end }}
 spec:
 {{- if .Capabilities.APIVersions.Has "batch/v1alpha1" }}
   # Alpha feature since k8s 1.12
   ttlSecondsAfterFinished: 0
 {{- end }}
   template:
     metadata:
       name: {{ include "ingress-nginx.fullname" . }}-admission-create
     {{- if .Values.controller.admissionWebhooks.patch.podAnnotations }}
       annotations: {{ toYaml .Values.controller.admissionWebhooks.patch.podAnnotations | nindent 8 }}
     {{- end }}
       labels:
         {{- include "ingress-nginx.labels" . | nindent 8 }}
         app.kubernetes.io/component: admission-webhook
         {{- with .Values.controller.admissionWebhooks.patch.labels }}
         {{- toYaml . | nindent 8 }}
         {{- end }}
     spec:
     {{- if .Values.controller.admissionWebhooks.patch.priorityClassName }}
       priorityClassName: {{ .Values.controller.admissionWebhooks.patch.priorityClassName }}
     {{- end }}
     {{- if .Values.imagePullSecrets }}
       imagePullSecrets: {{ toYaml .Values.imagePullSecrets | nindent 8 }}
     {{- end }}
       containers:
         - name: create
           {{- with .Values.controller.admissionWebhooks.patch.image }}
           image: "{{- if .repository -}}{{ .repository }}{{ else }}{{ .registry }}/{{ .image }}{{- end -}}:{{ .tag }}{{- if (.digest) -}} @{{.digest}} {{- end -}}"
           {{- end }}
           imagePullPolicy: {{ .Values.controller.admissionWebhooks.patch.image.pullPolicy }}
           args:
             - create
             - --host={{ include "ingress-nginx.controller.fullname" . }}-admission,{{ include "ingress-nginx.controller.fullname" . }}-admission.$(POD_NAMESPACE).svc
             - --namespace=$(POD_NAMESPACE)
             - --secret-name={{ include "ingress-nginx.fullname" . }}-admission
           env:
             - name: POD_NAMESPACE
               valueFrom:
                 fieldRef:
                   fieldPath: metadata.namespace
           {{- if .Values.controller.admissionWebhooks.extraEnvs }}
             {{- toYaml .Values.controller.admissionWebhooks.extraEnvs | nindent 12 }}
           {{- end }}
           {{- if .Values.controller.admissionWebhooks.createSecretJob.securityContext }}
           securityContext: {{ toYaml .Values.controller.admissionWebhooks.createSecretJob.securityContext | nindent 12 }}
           {{- end }}
           {{- if .Values.controller.admissionWebhooks.createSecretJob.resources }}
           resources: {{ toYaml .Values.controller.admissionWebhooks.createSecretJob.resources | nindent 12 }}
           {{- end }}
       restartPolicy: OnFailure
       serviceAccountName: {{ include "ingress-nginx.fullname" . }}-admission
     {{- if .Values.controller.admissionWebhooks.patch.nodeSelector }}
       nodeSelector: {{ toYaml .Values.controller.admissionWebhooks.patch.nodeSelector | nindent 8 }}
     {{- end }}
     {{- if .Values.controller.admissionWebhooks.patch.tolerations }}
       tolerations: {{ toYaml .Values.controller.admissionWebhooks.patch.tolerations | nindent 8 }}
     {{- end }}
       {{- if .Values.controller.admissionWebhooks.patch.securityContext }}
       securityContext:
         {{- toYaml .Values.controller.admissionWebhooks.patch.securityContext | nindent 8 }}
       {{- end }}
 {{- end }}
	{{- if and .Values.controller.admissionWebhooks.enabled .Values.controller.admissionWebhooks.patch.enabled (not .Values.controller.admissionWebhooks.certManager.enabled) -}}
	apiVersion: batch/v1
	kind: Job
	metadata:
	name: {{ include "ingress-nginx.fullname" . }}-admission-create
	namespace: {{ .Release.Namespace }}
	annotations:
	"helm.sh/hook": pre-install,pre-upgrade
	"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
	{{- with .Values.controller.admissionWebhooks.annotations }}
	{{- toYaml . \| nindent 4 }}
	{{- end }}
	labels:
	{{- include "ingress-nginx.labels" . \| nindent 4 }}
	app.kubernetes.io/component: admission-webhook
	{{- with .Values.controller.admissionWebhooks.patch.labels }}
	{{- toYaml . \| nindent 4 }}
	{{- end }}
	spec:
	{{- if .Capabilities.APIVersions.Has "batch/v1alpha1" }}
	# Alpha feature since k8s 1.12
	ttlSecondsAfterFinished: 0
	{{- end }}
	template:
	metadata:
	name: {{ include "ingress-nginx.fullname" . }}-admission-create
	{{- if .Values.controller.admissionWebhooks.patch.podAnnotations }}
	annotations: {{ toYaml .Values.controller.admissionWebhooks.patch.podAnnotations \| nindent 8 }}
	{{- end }}
	labels:
	{{- include "ingress-nginx.labels" . \| nindent 8 }}
	app.kubernetes.io/component: admission-webhook
	{{- with .Values.controller.admissionWebhooks.patch.labels }}
	{{- toYaml . \| nindent 8 }}
	{{- end }}
	spec:
	{{- if .Values.controller.admissionWebhooks.patch.priorityClassName }}
	priorityClassName: {{ .Values.controller.admissionWebhooks.patch.priorityClassName }}
	{{- end }}
	{{- if .Values.imagePullSecrets }}
	imagePullSecrets: {{ toYaml .Values.imagePullSecrets \| nindent 8 }}
	{{- end }}
	containers:
	- name: create
	{{- with .Values.controller.admissionWebhooks.patch.image }}
	image: "{{- if .repository -}}{{ .repository }}{{ else }}{{ .registry }}/{{ .image }}{{- end -}}:{{ .tag }}{{- if (.digest) -}} @{{.digest}} {{- end -}}"
	{{- end }}
	imagePullPolicy: {{ .Values.controller.admissionWebhooks.patch.image.pullPolicy }}
	args:
	- create
	- --host={{ include "ingress-nginx.controller.fullname" . }}-admission,{{ include "ingress-nginx.controller.fullname" . }}-admission.$(POD_NAMESPACE).svc
	- --namespace=$(POD_NAMESPACE)
	- --secret-name={{ include "ingress-nginx.fullname" . }}-admission
	env:
	- name: POD_NAMESPACE
	valueFrom:
	fieldRef:
	fieldPath: metadata.namespace
	{{- if .Values.controller.admissionWebhooks.extraEnvs }}
	{{- toYaml .Values.controller.admissionWebhooks.extraEnvs \| nindent 12 }}
	{{- end }}
	{{- if .Values.controller.admissionWebhooks.createSecretJob.securityContext }}
	securityContext: {{ toYaml .Values.controller.admissionWebhooks.createSecretJob.securityContext \| nindent 12 }}
	{{- end }}
	{{- if .Values.controller.admissionWebhooks.createSecretJob.resources }}
	resources: {{ toYaml .Values.controller.admissionWebhooks.createSecretJob.resources \| nindent 12 }}
	{{- end }}
	restartPolicy: OnFailure
	serviceAccountName: {{ include "ingress-nginx.fullname" . }}-admission
	{{- if .Values.controller.admissionWebhooks.patch.nodeSelector }}
	nodeSelector: {{ toYaml .Values.controller.admissionWebhooks.patch.nodeSelector \| nindent 8 }}
	{{- end }}
	{{- if .Values.controller.admissionWebhooks.patch.tolerations }}
	tolerations: {{ toYaml .Values.controller.admissionWebhooks.patch.tolerations \| nindent 8 }}
	{{- end }}
	{{- if .Values.controller.admissionWebhooks.patch.securityContext }}
	securityContext:
	{{- toYaml .Values.controller.admissionWebhooks.patch.securityContext \| nindent 8 }}
	{{- end }}
	{{- end }}