Blame - charts/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml - pcloud

blob: f27244dc9601f8bd3def5cc191fbc1565af68dc5 [file] [log] [blame]

Giorgi Lekveishvili	725bb39	2023-05-05 18:24:27 +0400	[diff] [blame]	1	{{- if .Values.controller.admissionWebhooks.enabled -}}
				2	# before changing this value, check the required kubernetes version
				3	# https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#prerequisites
				4	apiVersion: admissionregistration.k8s.io/v1
				5	kind: ValidatingWebhookConfiguration
				6	metadata:
Giorgi Lekveishvili	cccf72f	2023-05-19 16:13:22 +0400	[diff] [blame^]	7	annotations:
				8	{{- if .Values.controller.admissionWebhooks.certManager.enabled }}
				9	certmanager.k8s.io/inject-ca-from: {{ printf "%s/%s-admission" .Release.Namespace (include "ingress-nginx.fullname" .) \| quote }}
				10	cert-manager.io/inject-ca-from: {{ printf "%s/%s-admission" .Release.Namespace (include "ingress-nginx.fullname" .) \| quote }}
				11	{{- end }}
Giorgi Lekveishvili	725bb39	2023-05-05 18:24:27 +0400	[diff] [blame]	12	{{- if .Values.controller.admissionWebhooks.annotations }}
Giorgi Lekveishvili	cccf72f	2023-05-19 16:13:22 +0400	[diff] [blame^]	13	{{- toYaml .Values.controller.admissionWebhooks.annotations \| nindent 4 }}
Giorgi Lekveishvili	725bb39	2023-05-05 18:24:27 +0400	[diff] [blame]	14	{{- end }}
				15	labels:
				16	{{- include "ingress-nginx.labels" . \| nindent 4 }}
				17	app.kubernetes.io/component: admission-webhook
Giorgi Lekveishvili	cccf72f	2023-05-19 16:13:22 +0400	[diff] [blame^]	18	{{- with .Values.controller.admissionWebhooks.labels }}
				19	{{- toYaml . \| nindent 4 }}
				20	{{- end }}
Giorgi Lekveishvili	725bb39	2023-05-05 18:24:27 +0400	[diff] [blame]	21	name: {{ include "ingress-nginx.fullname" . }}-admission
				22	webhooks:
				23	- name: validate.nginx.ingress.kubernetes.io
				24	matchPolicy: Equivalent
				25	rules:
				26	- apiGroups:
				27	- networking.k8s.io
				28	apiVersions:
				29	- v1
				30	operations:
				31	- CREATE
				32	- UPDATE
				33	resources:
				34	- ingresses
				35	failurePolicy: {{ .Values.controller.admissionWebhooks.failurePolicy \| default "Fail" }}
				36	sideEffects: None
				37	admissionReviewVersions:
				38	- v1
				39	clientConfig:
				40	service:
				41	namespace: {{ .Release.Namespace \| quote }}
				42	name: {{ include "ingress-nginx.controller.fullname" . }}-admission
				43	path: /networking/v1/ingresses
				44	{{- if .Values.controller.admissionWebhooks.timeoutSeconds }}
				45	timeoutSeconds: {{ .Values.controller.admissionWebhooks.timeoutSeconds }}
				46	{{- end }}
				47	{{- if .Values.controller.admissionWebhooks.namespaceSelector }}
				48	namespaceSelector: {{ toYaml .Values.controller.admissionWebhooks.namespaceSelector \| nindent 6 }}
				49	{{- end }}
				50	{{- if .Values.controller.admissionWebhooks.objectSelector }}
				51	objectSelector: {{ toYaml .Values.controller.admissionWebhooks.objectSelector \| nindent 6 }}
				52	{{- end }}
				53	{{- end }}