From 8932608cc91254fcbd75f609eef871ce9fd383b5 Mon Sep 17 00:00:00 2001
From: Melvin GABALI <melvin.gabali@gmail.com>
Date: Wed, 21 Jan 2026 23:19:41 +0100
Subject: [PATCH] update webhook

---
 .../ops/templates/deployment.yaml             | 57 -------------------
 .../ops/templates/mutating-webhook.yaml       | 22 -------
 .../ops/templates/rbac.yaml                   | 28 ---------
 .../ops/templates/service.yaml                | 17 ------
 .../ops/templates/serviceaccount.yaml         |  8 ---
 .../ops/templates/validating-webhook.yaml     | 22 -------
 helm/cert-manager-webhook-ovh/ops/values.yaml | 37 +++---------
 7 files changed, 9 insertions(+), 182 deletions(-)
 delete mode 100644 helm/cert-manager-webhook-ovh/ops/templates/deployment.yaml
 delete mode 100644 helm/cert-manager-webhook-ovh/ops/templates/mutating-webhook.yaml
 delete mode 100644 helm/cert-manager-webhook-ovh/ops/templates/rbac.yaml
 delete mode 100644 helm/cert-manager-webhook-ovh/ops/templates/service.yaml
 delete mode 100644 helm/cert-manager-webhook-ovh/ops/templates/serviceaccount.yaml
 delete mode 100644 helm/cert-manager-webhook-ovh/ops/templates/validating-webhook.yaml

diff --git a/helm/cert-manager-webhook-ovh/ops/templates/deployment.yaml b/helm/cert-manager-webhook-ovh/ops/templates/deployment.yaml
deleted file mode 100644
index 2d7b2ee..0000000
--- a/helm/cert-manager-webhook-ovh/ops/templates/deployment.yaml
+++ /dev/null
@@ -1,57 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: cert-manager-webhook-ovh
-  namespace: cert-manager-ops
-  labels:
-    app: cert-manager-webhook-ovh
-    app.kubernetes.io/name: cert-manager-webhook-ovh
-    app.kubernetes.io/instance: cert-manager-webhook-ovh
-spec:
-  replicas: {{ .Values.replicaCount }}
-  selector:
-    matchLabels:
-      app: cert-manager-webhook-ovh
-  template:
-    metadata:
-      labels:
-        app: cert-manager-webhook-ovh
-      annotations:
-        {{- toYaml .Values.podAnnotations | nindent 8 }}
-    spec:
-      serviceAccountName: {{ .Values.serviceAccount.name }}
-      containers:
-        - name: webhook
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
-          args:
-            - --v=2
-            - --group-name={{ .Values.groupName }}
-            - --secure-port=10250
-            - --cert-dir=/tmp/cert-manager-webhook-ovh
-          ports:
-            - name: https
-              containerPort: 10250
-              protocol: TCP
-          resources:
-            {{- toYaml .Values.resources | nindent 12 }}
-          volumeMounts:
-            - name: certs
-              mountPath: /tmp/cert-manager-webhook-ovh
-              readOnly: false
-      volumes:
-        - name: certs
-          emptyDir: {}
-      {{- with .Values.nodeSelector }}
-      nodeSelector:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.affinity }}
-      affinity:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.tolerations }}
-      tolerations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-
diff --git a/helm/cert-manager-webhook-ovh/ops/templates/mutating-webhook.yaml b/helm/cert-manager-webhook-ovh/ops/templates/mutating-webhook.yaml
deleted file mode 100644
index eb9c250..0000000
--- a/helm/cert-manager-webhook-ovh/ops/templates/mutating-webhook.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-apiVersion: admissionregistration.k8s.io/v1
-kind: MutatingWebhookConfiguration
-metadata:
-  name: cert-manager-webhook-ovh
-  labels:
-    app: cert-manager-webhook-ovh
-webhooks:
-  - name: webhook.cert-manager.io
-    admissionReviewVersions: ["v1", "v1beta1"]
-    clientConfig:
-      service:
-        name: cert-manager-webhook-ovh
-        namespace: cert-manager-ops
-        path: "/mutate"
-    rules:
-      - apiGroups: ["acme.cert-manager.io"]
-        apiVersions: ["v1"]
-        operations: ["CREATE", "UPDATE"]
-        resources: ["challenges"]
-    sideEffects: None
-    failurePolicy: Fail
-
diff --git a/helm/cert-manager-webhook-ovh/ops/templates/rbac.yaml b/helm/cert-manager-webhook-ovh/ops/templates/rbac.yaml
deleted file mode 100644
index 0333175..0000000
--- a/helm/cert-manager-webhook-ovh/ops/templates/rbac.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  name: cert-manager-webhook-ovh
-  namespace: cert-manager-ops
-  labels:
-    app: cert-manager-webhook-ovh
-rules:
-  - apiGroups: [""]
-    resources: ["secrets"]
-    verbs: ["get", "list", "watch"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: cert-manager-webhook-ovh
-  namespace: cert-manager-ops
-  labels:
-    app: cert-manager-webhook-ovh
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: cert-manager-webhook-ovh
-subjects:
-  - kind: ServiceAccount
-    name: {{ .Values.serviceAccount.name }}
-    namespace: cert-manager-ops
-
diff --git a/helm/cert-manager-webhook-ovh/ops/templates/service.yaml b/helm/cert-manager-webhook-ovh/ops/templates/service.yaml
deleted file mode 100644
index ba8701c..0000000
--- a/helm/cert-manager-webhook-ovh/ops/templates/service.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: cert-manager-webhook-ovh
-  namespace: cert-manager-ops
-  labels:
-    app: cert-manager-webhook-ovh
-spec:
-  type: {{ .Values.service.type }}
-  ports:
-    - port: {{ .Values.service.port }}
-      targetPort: https
-      protocol: TCP
-      name: https
-  selector:
-    app: cert-manager-webhook-ovh
-
diff --git a/helm/cert-manager-webhook-ovh/ops/templates/serviceaccount.yaml b/helm/cert-manager-webhook-ovh/ops/templates/serviceaccount.yaml
deleted file mode 100644
index f15a3dd..0000000
--- a/helm/cert-manager-webhook-ovh/ops/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: {{ .Values.serviceAccount.name }}
-  namespace: cert-manager-ops
-  labels:
-    app: cert-manager-webhook-ovh
-
diff --git a/helm/cert-manager-webhook-ovh/ops/templates/validating-webhook.yaml b/helm/cert-manager-webhook-ovh/ops/templates/validating-webhook.yaml
deleted file mode 100644
index 6dc26dc..0000000
--- a/helm/cert-manager-webhook-ovh/ops/templates/validating-webhook.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-apiVersion: admissionregistration.k8s.io/v1
-kind: ValidatingWebhookConfiguration
-metadata:
-  name: cert-manager-webhook-ovh
-  labels:
-    app: cert-manager-webhook-ovh
-webhooks:
-  - name: webhook.cert-manager.io
-    admissionReviewVersions: ["v1", "v1beta1"]
-    clientConfig:
-      service:
-        name: cert-manager-webhook-ovh
-        namespace: cert-manager-ops
-        path: "/validate"
-    rules:
-      - apiGroups: ["acme.cert-manager.io"]
-        apiVersions: ["v1"]
-        operations: ["CREATE", "UPDATE"]
-        resources: ["challenges"]
-    sideEffects: None
-    failurePolicy: Fail
-
diff --git a/helm/cert-manager-webhook-ovh/ops/values.yaml b/helm/cert-manager-webhook-ovh/ops/values.yaml
index 6fb0a5a..e8ebb25 100644
--- a/helm/cert-manager-webhook-ovh/ops/values.yaml
+++ b/helm/cert-manager-webhook-ovh/ops/values.yaml
@@ -1,34 +1,15 @@
 # Configuration pour cert-manager-webhook-ovh
 # Ce webhook permet à cert-manager d'utiliser OVH DNS-01 challenge pour les certificats wildcard
 
-replicaCount: 1
+cert-manager-webhook-ovh:
+  replicaCount: 1
 
-resources:
-  limits:
-    cpu: 100m
-    memory: 128Mi
-  requests:
-    cpu: 50m
-    memory: 64Mi
+  # Configuration du webhook
+  groupName: acme.gkdomaine.fr
 
-# Configuration du webhook
-groupName: acme.gkdomaine.fr
-
-# RBAC
-serviceAccount:
-  create: true
-  name: cert-manager-webhook-ovh
-
-# Service
-service:
-  type: ClusterIP
-  port: 443
-
-# Pod annotations
-podAnnotations: {}
-
-# Node selector, tolerations, etc.
-nodeSelector: {}
-tolerations: []
-affinity: {}
+  certManager:
+    # namespace in which your cert-manager is deployed
+    namespace: cert-manager-ops
+    # cert-manager serverAccount name (default: cert-manager)
+    serviceAccountName: cert-manager-ops