Updates to k8s objects

2023-03-26 11:00:55 -05:00 · 2023-03-26 11:00:55 -05:00 · b7b88162ad
commit b7b88162ad
parent a205b07037
4 changed files with 36 additions and 17 deletions
--- a/k8s/configmap.yaml
+++ b/k8s/configmap.yaml
@ -1,4 +1,3 @@
 ---
 apiVersion: v1
 kind: ConfigMap
 metadata:
@ -16,3 +15,13 @@ data:
    - goharbor/redis-photon
    - goharbor/registry-photon
    - goharbor/trivy-adapter-photon
    kubernetes:
      namespace: ingress-nginx
      service-name: webhook
    certificate-authority:
      certificate: |
        -----BEGIN CERTIFICATE-----
        -----END CERTIFICATE-----
      private-key: |
        -----BEGIN RSA PRIVATE KEY-----
        -----END RSA PRIVATE KEY-----    
--- a/k8s/daemonset.yaml
+++ b/k8s/daemonset.yaml
@ -1,8 +1,7 @@
 ---
 apiVersion: apps/v1
 kind: DaemonSet
 metadata:
-  name: mutating-webhool
+  name: mutating-webhook
  labels:
    app: mutating-webhook
 spec:
--- a/k8s/service.yaml
+++ b/k8s/service.yaml
@ -1,4 +1,3 @@
 ---
 apiVersion: v1
 kind: Service
 metadata:
--- a/k8s/webhook.yaml
+++ b/k8s/webhook.yaml
@ -1,18 +1,30 @@
 ---
-apiVersion: admissionregistration.k8s.io/v1beta1
+apiVersion: admissionregistration.k8s.io/v1
 kind: MutatingWebhookConfiguration
 metadata:
  name: pod-mutation
 webhooks:
-  - name: pod-mutation.default.svc
+- name: pod-mutation.ingress-nginx.svc
  clientConfig:
    service:
      name: webhook
-        namespace: default
+      namespace: ingress-nginx 
      path: "/api/v1/mutate/pod"
      port: 443
    caBundle: Base64 encoded Certificate Authority PEM file
  rules:
-      - operations: ["CREATE", ]
+  - operations:
-        apiGroups: [""]
+    - "CREATE"
-        apiVersions: ["v1"]
+    - "UPDATE"
-        resources: ["pods"]
+    apiVersions:
    - "*"
    apiGroups:
    - "*"
    resources: 
    - "pods/*"
    scope: "Namespaced"
  sideEffects: None
  admissionReviewVersions:
  - "v1"
  failurePolicy: Ignore