mirror of
https://github.com/cert-manager/webhook-example.git
synced 2025-07-02 06:45:49 +02:00
Merge pull request #50 from bacht-fidi/master
Fix: remove legacy API versions
This commit is contained in:
Beat Schärz
GitHub
commit
7ceb198f41
6 changed files with 13 additions and 16 deletions
|
|
@ -5,7 +5,7 @@ A [cert-manager][2] ACME DNS01 solver webhook for [DNSimple][1].
|
||||||
|
|
||||||
## Pre-requisites
|
## Pre-requisites
|
||||||
|
|
||||||
- [cert-manager][2] >= 0.13 (The Helm chart uses the new API versions)
|
- [cert-manager][2] >= 1.0.0 (The Helm chart uses the new API versions)
|
||||||
- Kubernetes >= 1.17.x
|
- Kubernetes >= 1.17.x
|
||||||
- Helm 3 (otherwise adjust the example below accordingly)
|
- Helm 3 (otherwise adjust the example below accordingly)
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,8 +1,8 @@
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
appVersion: "v0.1.4"
|
appVersion: "v0.1.5"
|
||||||
description: cert-manager webhook solver for ACME DNS01 challenge via DNSimple
|
description: cert-manager webhook solver for ACME DNS01 challenge via DNSimple
|
||||||
name: cert-manager-webhook-dnsimple
|
name: cert-manager-webhook-dnsimple
|
||||||
version: 0.1.4
|
version: 0.1.5
|
||||||
home: https://github.com/puzzle/cert-manager-webhook-dnsimple
|
home: https://github.com/puzzle/cert-manager-webhook-dnsimple
|
||||||
sources:
|
sources:
|
||||||
- https://github.com/puzzle/cert-manager-webhook-dnsimple
|
- https://github.com/puzzle/cert-manager-webhook-dnsimple
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,4 @@
|
||||||
{{- $APIRegistrationAPIVersion := ternary "apiregistration.k8s.io/v1" "apiregistration.k8s.io/v1beta1" (.Capabilities.APIVersions.Has "apiregistration.k8s.io/v1") -}}
|
apiVersion: apiregistration.k8s.io/v1
|
||||||
apiVersion: {{ $APIRegistrationAPIVersion }}
|
|
||||||
kind: APIService
|
kind: APIService
|
||||||
metadata:
|
metadata:
|
||||||
name: v1alpha1.{{ include "dnsimple-webhook.api-group" . }}
|
name: v1alpha1.{{ include "dnsimple-webhook.api-group" . }}
|
||||||
|
|
|
||||||
|
|
@ -1,8 +1,7 @@
|
||||||
{{- $CertManagerAPIVersion := ternary "cert-manager.io/v1" "cert-manager.io/v1alpha2" (.Capabilities.APIVersions.Has "cert-manager.io/v1") -}}
|
|
||||||
---
|
---
|
||||||
# Create a selfsigned Issuer, in order to create a root CA certificate for
|
# Create a selfsigned Issuer, in order to create a root CA certificate for
|
||||||
# signing webhook serving certificates
|
# signing webhook serving certificates
|
||||||
apiVersion: {{ $CertManagerAPIVersion }}
|
apiVersion: cert-manager.io/v1
|
||||||
kind: Issuer
|
kind: Issuer
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "dnsimple-webhook.selfSignedIssuer" . }}
|
name: {{ include "dnsimple-webhook.selfSignedIssuer" . }}
|
||||||
|
|
@ -18,7 +17,7 @@ spec:
|
||||||
---
|
---
|
||||||
|
|
||||||
# Generate a CA Certificate used to sign certificates for the webhook
|
# Generate a CA Certificate used to sign certificates for the webhook
|
||||||
apiVersion: {{ $CertManagerAPIVersion }}
|
apiVersion: cert-manager.io/v1
|
||||||
kind: Certificate
|
kind: Certificate
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "dnsimple-webhook.rootCACertificate" . }}
|
name: {{ include "dnsimple-webhook.rootCACertificate" . }}
|
||||||
|
|
@ -39,7 +38,7 @@ spec:
|
||||||
---
|
---
|
||||||
|
|
||||||
# Create an Issuer that uses the above generated CA certificate to issue certs
|
# Create an Issuer that uses the above generated CA certificate to issue certs
|
||||||
apiVersion: {{ $CertManagerAPIVersion }}
|
apiVersion: cert-manager.io/v1
|
||||||
kind: Issuer
|
kind: Issuer
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "dnsimple-webhook.rootCAIssuer" . }}
|
name: {{ include "dnsimple-webhook.rootCAIssuer" . }}
|
||||||
|
|
@ -56,7 +55,7 @@ spec:
|
||||||
---
|
---
|
||||||
|
|
||||||
# Finally, generate a serving certificate for the webhook to use
|
# Finally, generate a serving certificate for the webhook to use
|
||||||
apiVersion: {{ $CertManagerAPIVersion }}
|
apiVersion: cert-manager.io/v1
|
||||||
kind: Certificate
|
kind: Certificate
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "dnsimple-webhook.servingCertificate" . }}
|
name: {{ include "dnsimple-webhook.servingCertificate" . }}
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,3 @@
|
||||||
{{- $RBACAPIVersion := ternary "rbac.authorization.k8s.io/v1" "rbac.authorization.k8s.io/v1beta1" (.Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1") -}}
|
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: ServiceAccount
|
kind: ServiceAccount
|
||||||
metadata:
|
metadata:
|
||||||
|
|
@ -12,7 +11,7 @@ metadata:
|
||||||
# Grant the webhook permission to read the ConfigMap containing the Kubernetes
|
# Grant the webhook permission to read the ConfigMap containing the Kubernetes
|
||||||
# apiserver's requestheader-ca-certificate.
|
# apiserver's requestheader-ca-certificate.
|
||||||
# This ConfigMap is automatically created by the Kubernetes apiserver.
|
# This ConfigMap is automatically created by the Kubernetes apiserver.
|
||||||
apiVersion: {{ $RBACAPIVersion }}
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
kind: RoleBinding
|
kind: RoleBinding
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "dnsimple-webhook.fullname" . }}:webhook-authentication-reader
|
name: {{ include "dnsimple-webhook.fullname" . }}:webhook-authentication-reader
|
||||||
|
|
@ -34,7 +33,7 @@ subjects:
|
||||||
---
|
---
|
||||||
# apiserver gets the auth-delegator role to delegate auth decisions to
|
# apiserver gets the auth-delegator role to delegate auth decisions to
|
||||||
# the core apiserver
|
# the core apiserver
|
||||||
apiVersion: {{ $RBACAPIVersion }}
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
kind: ClusterRoleBinding
|
kind: ClusterRoleBinding
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "dnsimple-webhook.fullname" . }}:auth-delegator
|
name: {{ include "dnsimple-webhook.fullname" . }}:auth-delegator
|
||||||
|
|
@ -54,7 +53,7 @@ subjects:
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
---
|
---
|
||||||
# Grant cert-manager permission to validate using our apiserver
|
# Grant cert-manager permission to validate using our apiserver
|
||||||
apiVersion: {{ $RBACAPIVersion }}
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "dnsimple-webhook.fullname" . }}:domain-solver
|
name: {{ include "dnsimple-webhook.fullname" . }}:domain-solver
|
||||||
|
|
|
||||||
|
|
@ -20,7 +20,7 @@ clusterIssuer:
|
||||||
enabled: false
|
enabled: false
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/puzzle/cert-manager-webhook-dnsimple
|
repository: ghcr.io/puzzle/cert-manager-webhook-dnsimple
|
||||||
tag: v0.1.4
|
tag: v0.1.5
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
# pullSecret: "gcr"
|
# pullSecret: "gcr"
|
||||||
nameOverride: ""
|
nameOverride: ""
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue