DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ingress-nginx-helm/charts/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml
jasine 7ce6cc88d8
feat: add namespace overrides (#10539) 
* feat: add namespace overrides

* add value in readme

* fix: readme description

* fix: description in value

* fix: set max length and trim last "-"
2023-10-24 19:53:46 +02:00

53 lines
2.3 KiB
YAML
Raw Blame History

{{- if .Values.controller.admissionWebhooks.enabled -}}
# before changing this value, check the required kubernetes version
# https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#prerequisites
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
annotations:
{{- if .Values.controller.admissionWebhooks.certManager.enabled }}
certmanager.k8s.io/inject-ca-from: {{ printf "%s/%s-admission" .Release.Namespace (include "ingress-nginx.fullname" .) | quote }}
cert-manager.io/inject-ca-from: {{ printf "%s/%s-admission" .Release.Namespace (include "ingress-nginx.fullname" .) | quote }}
{{- end }}
{{- if .Values.controller.admissionWebhooks.annotations }}
{{- toYaml .Values.controller.admissionWebhooks.annotations | nindent 4 }}
{{- end }}
labels:
{{- include "ingress-nginx.labels" . | nindent 4 }}
app.kubernetes.io/component: admission-webhook
{{- with .Values.controller.admissionWebhooks.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
name: {{ include "ingress-nginx.fullname" . }}-admission
webhooks:
- name: validate.nginx.ingress.kubernetes.io
matchPolicy: Equivalent
rules:
- apiGroups:
- networking.k8s.io
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- ingresses
failurePolicy: {{ .Values.controller.admissionWebhooks.failurePolicy | default "Fail" }}
sideEffects: None
admissionReviewVersions:
- v1
clientConfig:
service:
namespace: {{ (include "ingress-nginx.namespace" .) | quote }}
name: {{ include "ingress-nginx.controller.fullname" . }}-admission
path: /networking/v1/ingresses
{{- if .Values.controller.admissionWebhooks.timeoutSeconds }}
timeoutSeconds: {{ .Values.controller.admissionWebhooks.timeoutSeconds }}
{{- end }}
{{- if .Values.controller.admissionWebhooks.namespaceSelector }}
namespaceSelector: {{ toYaml .Values.controller.admissionWebhooks.namespaceSelector | nindent 6 }}
{{- end }}
{{- if .Values.controller.admissionWebhooks.objectSelector }}
objectSelector: {{ toYaml .Values.controller.admissionWebhooks.objectSelector | nindent 6 }}
{{- end }}
{{- end }}
Reference in a new issue View git blame Copy permalink