cheshire/hscloud
1
0
Fork 0
forked from hswaw/hscloud
Code Pull requests Activity

cluster/kube/cert-manager: don't add APIService when webhooks are disabled

Browse source
This commit is contained in:
informatic 2019-05-05 12:12:13 +02:00
parent b187bf5b2c
commit fc514a9b52
1 changed files with 5 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
cluster/kube/lib/cert-manager.libsonnet
View file

@ -486,7 +486,7 @@ local kube = import "../../../kube/kube.libsonnet";
],
},
},
apiservice: kube._Object("apiregistration.k8s.io/v1beta1", "APIService", "v1beta1.admission.certmanager.k8s.io") {
apiservice: if cfg.enableWebhook then kube._Object("apiregistration.k8s.io/v1beta1", "APIService", "v1beta1.admission.certmanager.k8s.io") {
spec+: {
version: "v1beta1",
group: "admission.certmanager.k8s.io",
@ -498,6 +498,7 @@ local kube = import "../../../kube/kube.libsonnet";
},
},
},
issuers: {
webhookSelfsign: cm.Issuer("cert-manager-webhook-selfsign") {
metadata+: env.metadata,
@ -543,13 +544,13 @@ local kube = import "../../../kube/kube.libsonnet";
},
},
},
admission: kube._Object("admissionregistration.k8s.io/v1beta1", "ValidatingWebhookConfiguration", "cert-manager-webhook") {
admission: if cfg.enableWebhook then kube._Object("admissionregistration.k8s.io/v1beta1", "ValidatingWebhookConfiguration", "cert-manager-webhook") {
metadata+: {
annotations: {
},
},
// Copied from official yaml
webhooks: if cfg.enableWebhook then [
webhooks: [
{
"name": "certificates.admission.certmanager.k8s.io",
"namespaceSelector": {
@ -691,7 +692,7 @@ local kube = import "../../../kube/kube.libsonnet";
"caBundle": "",
}
}
] else [],
],
},
},