# Source: cert-manager/charts/webhook/templates/validating-webhook.yaml apiVersion: admissionregistration.k8s.io/v1beta1 kind: ValidatingWebhookConfiguration metadata: name: cert-manager-webhook labels: app: webhook app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/managed-by: Tiller helm.sh/chart: webhook-v0.9.0 annotations: certmanager.k8s.io/inject-apiserver-ca: "true" webhooks: - name: certificates.admission.certmanager.k8s.io namespaceSelector: matchExpressions: - key: "certmanager.k8s.io/disable-validation" operator: "NotIn" values: - "true" - key: "name" operator: "NotIn" values: - cert-manager rules: - apiGroups: - "certmanager.k8s.io" apiVersions: - v1alpha1 operations: - CREATE - UPDATE resources: - certificates failurePolicy: Fail clientConfig: service: name: kubernetes namespace: default path: /apis/admission.certmanager.k8s.io/v1beta1/certificates - name: issuers.admission.certmanager.k8s.io namespaceSelector: matchExpressions: - key: "certmanager.k8s.io/disable-validation" operator: "NotIn" values: - "true" - key: "name" operator: "NotIn" values: - cert-manager rules: - apiGroups: - "certmanager.k8s.io" apiVersions: - v1alpha1 operations: - CREATE - UPDATE resources: - issuers failurePolicy: Fail clientConfig: service: name: kubernetes namespace: default path: /apis/admission.certmanager.k8s.io/v1beta1/issuers - name: clusterissuers.admission.certmanager.k8s.io namespaceSelector: matchExpressions: - key: "certmanager.k8s.io/disable-validation" operator: "NotIn" values: - "true" - key: "name" operator: "NotIn" values: - cert-manager rules: - apiGroups: - "certmanager.k8s.io" apiVersions: - v1alpha1 operations: - CREATE - UPDATE resources: - clusterissuers failurePolicy: Fail clientConfig: service: name: kubernetes namespace: default path: /apis/admission.certmanager.k8s.io/v1beta1/clusterissuers