forked from hswaw/hscloud
cluster/kube/cert-manager: don't add APIService when webhooks are disabled
This commit is contained in:
parent
b187bf5b2c
commit
fc514a9b52
1 changed files with 5 additions and 4 deletions
|
@ -486,7 +486,7 @@ local kube = import "../../../kube/kube.libsonnet";
|
|||
],
|
||||
},
|
||||
},
|
||||
apiservice: kube._Object("apiregistration.k8s.io/v1beta1", "APIService", "v1beta1.admission.certmanager.k8s.io") {
|
||||
apiservice: if cfg.enableWebhook then kube._Object("apiregistration.k8s.io/v1beta1", "APIService", "v1beta1.admission.certmanager.k8s.io") {
|
||||
spec+: {
|
||||
version: "v1beta1",
|
||||
group: "admission.certmanager.k8s.io",
|
||||
|
@ -498,6 +498,7 @@ local kube = import "../../../kube/kube.libsonnet";
|
|||
},
|
||||
},
|
||||
},
|
||||
|
||||
issuers: {
|
||||
webhookSelfsign: cm.Issuer("cert-manager-webhook-selfsign") {
|
||||
metadata+: env.metadata,
|
||||
|
@ -543,13 +544,13 @@ local kube = import "../../../kube/kube.libsonnet";
|
|||
},
|
||||
},
|
||||
},
|
||||
admission: kube._Object("admissionregistration.k8s.io/v1beta1", "ValidatingWebhookConfiguration", "cert-manager-webhook") {
|
||||
admission: if cfg.enableWebhook then kube._Object("admissionregistration.k8s.io/v1beta1", "ValidatingWebhookConfiguration", "cert-manager-webhook") {
|
||||
metadata+: {
|
||||
annotations: {
|
||||
},
|
||||
},
|
||||
// Copied from official yaml
|
||||
webhooks: if cfg.enableWebhook then [
|
||||
webhooks: [
|
||||
{
|
||||
"name": "certificates.admission.certmanager.k8s.io",
|
||||
"namespaceSelector": {
|
||||
|
@ -691,7 +692,7 @@ local kube = import "../../../kube/kube.libsonnet";
|
|||
"caBundle": "",
|
||||
}
|
||||
}
|
||||
] else [],
|
||||
],
|
||||
},
|
||||
},
|
||||
|
||||
|
|
Loading…
Reference in a new issue