45 lines
1.2 KiB
YAML
45 lines
1.2 KiB
YAML
# Source: cert-manager/templates/webhook-validating-webhook.yaml
|
|
apiVersion: admissionregistration.k8s.io/v1beta1
|
|
kind: ValidatingWebhookConfiguration
|
|
metadata:
|
|
name: cert-manager-webhook
|
|
labels:
|
|
app: webhook
|
|
app.kubernetes.io/name: webhook
|
|
app.kubernetes.io/instance: cert-manager
|
|
app.kubernetes.io/managed-by: Helm
|
|
app.kubernetes.io/component: "webhook"
|
|
helm.sh/chart: cert-manager-v0.14.1
|
|
annotations:
|
|
cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-tls"
|
|
webhooks:
|
|
- name: webhook.cert-manager.io
|
|
namespaceSelector:
|
|
matchExpressions:
|
|
- key: "cert-manager.io/disable-validation"
|
|
operator: "NotIn"
|
|
values:
|
|
- "true"
|
|
- key: "name"
|
|
operator: "NotIn"
|
|
values:
|
|
- cert-manager
|
|
rules:
|
|
- apiGroups:
|
|
- "cert-manager.io"
|
|
- "acme.cert-manager.io"
|
|
apiVersions:
|
|
- v1alpha2
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- "*/*"
|
|
failurePolicy: Fail
|
|
# Only include 'sideEffects' field in Kubernetes 1.12+
|
|
sideEffects: None
|
|
clientConfig:
|
|
service:
|
|
name: cert-manager-webhook
|
|
namespace: "cert-manager"
|
|
path: /mutate
|