mirror of https://github.com/openkruise/charts.git
916 lines
24 KiB
YAML
916 lines
24 KiB
YAML
apiVersion: admissionregistration.k8s.io/v1
|
|
kind: MutatingWebhookConfiguration
|
|
metadata:
|
|
name: kruise-mutating-webhook-configuration
|
|
annotations:
|
|
template: ""
|
|
{{- if .Values.externalCerts.annotations }}
|
|
{{ toYaml .Values.externalCerts.annotations | indent 4 }}
|
|
{{- end }}
|
|
webhooks:
|
|
{{- if not (contains "PodWebhook=false" .Values.featureGates) }}
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /mutate-pod
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
failurePolicy: Fail
|
|
name: mpod.kb.io
|
|
namespaceSelector:
|
|
matchExpressions:
|
|
- key: control-plane
|
|
operator: NotIn
|
|
values:
|
|
- openkruise
|
|
- key: kubernetes.io/metadata.name
|
|
operator: NotIn
|
|
values:
|
|
- kube-system
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
apiVersions:
|
|
- v1
|
|
operations:
|
|
- CREATE
|
|
resources:
|
|
- pods
|
|
sideEffects: None
|
|
{{- end }}
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /mutate-apps-kruise-io-v1alpha1-advancedcronjob
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: madvancedcronjob.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- advancedcronjobs
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /mutate-apps-kruise-io-v1alpha1-broadcastjob
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: mbroadcastjob.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- broadcastjobs
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /mutate-apps-kruise-io-v1alpha1-cloneset
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: mcloneset.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- clonesets
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /mutate-apps-kruise-io-v1alpha1-containerrecreaterequest
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: mcontainerrecreaterequest.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- containerrecreaterequests
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /mutate-apps-kruise-io-v1alpha1-daemonset
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: mdaemonset.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- daemonsets
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /mutate-apps-kruise-io-v1alpha1-imagelistpulljob
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: mimagelistpulljob.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- imagelistpulljobs
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /mutate-apps-kruise-io-v1alpha1-imagepulljob
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: mimagepulljob.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- imagepulljobs
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /mutate-apps-kruise-io-v1alpha1-nodeimage
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: mnodeimage.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- nodeimages
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /mutate-apps-kruise-io-v1alpha1-sidecarset
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: msidecarset.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- sidecarsets
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /mutate-apps-kruise-io-statefulset
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: mstatefulset.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
- v1beta1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- statefulsets
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /mutate-apps-kruise-io-v1alpha1-uniteddeployment
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: muniteddeployment.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- uniteddeployments
|
|
sideEffects: None
|
|
---
|
|
apiVersion: admissionregistration.k8s.io/v1
|
|
kind: ValidatingWebhookConfiguration
|
|
metadata:
|
|
name: kruise-validating-webhook-configuration
|
|
annotations:
|
|
template: ""
|
|
{{- if .Values.externalCerts.annotations }}
|
|
{{ toYaml .Values.externalCerts.annotations | indent 4 }}
|
|
{{- end }}
|
|
webhooks:
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-apps-deployment
|
|
failurePolicy: Ignore
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vbuiltindeployment.kb.io
|
|
objectSelector:
|
|
matchExpressions:
|
|
- key: policy.kruise.io/delete-protection
|
|
operator: Exists
|
|
namespaceSelector:
|
|
matchExpressions:
|
|
- key: kubernetes.io/metadata.name
|
|
operator: NotIn
|
|
values:
|
|
- kube-system
|
|
rules:
|
|
- apiGroups:
|
|
- apps
|
|
apiVersions:
|
|
- v1
|
|
operations:
|
|
- DELETE
|
|
resources:
|
|
- deployments
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-apps-replicaset
|
|
failurePolicy: Ignore
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vbuiltinreplicaset.kb.io
|
|
objectSelector:
|
|
matchExpressions:
|
|
- key: policy.kruise.io/delete-protection
|
|
operator: Exists
|
|
namespaceSelector:
|
|
matchExpressions:
|
|
- key: kubernetes.io/metadata.name
|
|
operator: NotIn
|
|
values:
|
|
- kube-system
|
|
rules:
|
|
- apiGroups:
|
|
- apps
|
|
apiVersions:
|
|
- v1
|
|
operations:
|
|
- DELETE
|
|
resources:
|
|
- replicasets
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-apps-statefulset
|
|
failurePolicy: Ignore
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vbuiltinstatefulset.kb.io
|
|
objectSelector:
|
|
matchExpressions:
|
|
- key: policy.kruise.io/delete-protection
|
|
operator: Exists
|
|
namespaceSelector:
|
|
matchExpressions:
|
|
- key: kubernetes.io/metadata.name
|
|
operator: NotIn
|
|
values:
|
|
- kube-system
|
|
rules:
|
|
- apiGroups:
|
|
- apps
|
|
apiVersions:
|
|
- v1
|
|
operations:
|
|
- DELETE
|
|
resources:
|
|
- statefulsets
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-customresourcedefinition
|
|
failurePolicy: Ignore
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vcustomresourcedefinition.kb.io
|
|
objectSelector:
|
|
matchExpressions:
|
|
- key: policy.kruise.io/delete-protection
|
|
operator: Exists
|
|
namespaceSelector:
|
|
matchExpressions:
|
|
- key: kubernetes.io/metadata.name
|
|
operator: NotIn
|
|
values:
|
|
- kube-system
|
|
rules:
|
|
- apiGroups:
|
|
- apiextensions.k8s.io
|
|
apiVersions:
|
|
- v1
|
|
- v1beta1
|
|
operations:
|
|
- DELETE
|
|
resources:
|
|
- customresourcedefinitions
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-namespace
|
|
failurePolicy: Ignore
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vnamespace.kb.io
|
|
objectSelector:
|
|
matchExpressions:
|
|
- key: policy.kruise.io/delete-protection
|
|
operator: Exists
|
|
namespaceSelector:
|
|
matchExpressions:
|
|
- key: kubernetes.io/metadata.name
|
|
operator: NotIn
|
|
values:
|
|
- kube-system
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
apiVersions:
|
|
- v1
|
|
operations:
|
|
- DELETE
|
|
resources:
|
|
- namespaces
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-ingress
|
|
failurePolicy: Ignore
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vingress.kb.io
|
|
objectSelector:
|
|
matchExpressions:
|
|
- key: policy.kruise.io/delete-protection
|
|
operator: Exists
|
|
namespaceSelector:
|
|
matchExpressions:
|
|
- key: kubernetes.io/metadata.name
|
|
operator: NotIn
|
|
values:
|
|
- kube-system
|
|
rules:
|
|
- apiGroups:
|
|
- networking.k8s.io
|
|
apiVersions:
|
|
- v1
|
|
- v1beta1
|
|
operations:
|
|
- DELETE
|
|
resources:
|
|
- ingresses
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-service
|
|
failurePolicy: Ignore
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vservice.kb.io
|
|
objectSelector:
|
|
matchExpressions:
|
|
- key: policy.kruise.io/delete-protection
|
|
operator: Exists
|
|
namespaceSelector:
|
|
matchExpressions:
|
|
- key: kubernetes.io/metadata.name
|
|
operator: NotIn
|
|
values:
|
|
- kube-system
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
apiVersions:
|
|
- v1
|
|
operations:
|
|
- DELETE
|
|
resources:
|
|
- services
|
|
sideEffects: None
|
|
{{- if not (contains "PodWebhook=false" .Values.featureGates) }}
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-pod
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vpod.kb.io
|
|
namespaceSelector:
|
|
matchExpressions:
|
|
- key: control-plane
|
|
operator: NotIn
|
|
values:
|
|
- openkruise
|
|
- key: kubernetes.io/metadata.name
|
|
operator: NotIn
|
|
values:
|
|
- kube-system
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
apiVersions:
|
|
- v1
|
|
operations:
|
|
- UPDATE
|
|
- DELETE
|
|
resources:
|
|
- pods
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-pod
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vpodeviction.kb.io
|
|
namespaceSelector:
|
|
matchExpressions:
|
|
- key: control-plane
|
|
operator: NotIn
|
|
values:
|
|
- openkruise
|
|
- key: kubernetes.io/metadata.name
|
|
operator: NotIn
|
|
values:
|
|
- kube-system
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
apiVersions:
|
|
- v1
|
|
operations:
|
|
- CREATE
|
|
resources:
|
|
- pods/eviction
|
|
sideEffects: None
|
|
{{- end }}
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-apps-kruise-io-v1alpha1-resourcedistribution
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vresourcedistribution.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- resourcedistributions
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-apps-kruise-io-v1alpha1-workloadspread
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vworkloadspread.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- workloadspreads
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-apps-kruise-io-v1alpha1-advancedcronjob
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vadvancedcronjob.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- advancedcronjobs
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-apps-kruise-io-v1alpha1-broadcastjob
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vbroadcastjob.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- broadcastjobs
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-apps-kruise-io-v1alpha1-cloneset
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vcloneset.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
- DELETE
|
|
resources:
|
|
- clonesets
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-apps-kruise-io-v1alpha1-daemonset
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vdaemonset.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- daemonsets
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-apps-kruise-io-v1alpha1-imagelistpulljob
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vimagelistpulljob.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- imagelistpulljobs
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-apps-kruise-io-v1alpha1-imagepulljob
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vimagepulljob.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- imagepulljobs
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-apps-kruise-io-v1alpha1-nodeimage
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vnodeimage.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- nodeimages
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-apps-kruise-io-persistentpodstate
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vpersistentpodstate.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- persistentpodstates
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-apps-kruise-io-podprobemarker
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vpodprobemarker.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- podprobemarkers
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-policy-kruise-io-podunavailablebudget
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vpodunavailablebudget.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- policy.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- podunavailablebudgets
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-apps-kruise-io-v1alpha1-sidecarset
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vsidecarset.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
resources:
|
|
- sidecarsets
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-apps-kruise-io-statefulset
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vstatefulset.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
- v1beta1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
- DELETE
|
|
resources:
|
|
- statefulsets
|
|
sideEffects: None
|
|
- admissionReviewVersions:
|
|
- v1
|
|
- v1beta1
|
|
clientConfig:
|
|
service:
|
|
name: kruise-webhook-service
|
|
namespace: {{ .Values.installation.namespace }}
|
|
path: /validate-apps-kruise-io-v1alpha1-uniteddeployment
|
|
failurePolicy: Fail
|
|
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
|
|
name: vuniteddeployment.kb.io
|
|
rules:
|
|
- apiGroups:
|
|
- apps.kruise.io
|
|
apiVersions:
|
|
- v1alpha1
|
|
operations:
|
|
- CREATE
|
|
- UPDATE
|
|
- DELETE
|
|
resources:
|
|
- uniteddeployments
|
|
sideEffects: None
|