update webhook

helm/cert-manager-webhook-ovh/ops/templates/deployment.yaml

@@ -1,57 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: cert-manager-webhook-ovh
-  namespace: cert-manager-ops
-  labels:
-    app: cert-manager-webhook-ovh
-    app.kubernetes.io/name: cert-manager-webhook-ovh
-    app.kubernetes.io/instance: cert-manager-webhook-ovh
-spec:
-  replicas: {{ .Values.replicaCount }}
-  selector:
-    matchLabels:
-      app: cert-manager-webhook-ovh
-  template:
-    metadata:
-      labels:
-        app: cert-manager-webhook-ovh
-      annotations:
-        {{- toYaml .Values.podAnnotations | nindent 8 }}
-    spec:
-      serviceAccountName: {{ .Values.serviceAccount.name }}
-      containers:
-        - name: webhook
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
-          args:
-            - --v=2
-            - --group-name={{ .Values.groupName }}
-            - --secure-port=10250
-            - --cert-dir=/tmp/cert-manager-webhook-ovh
-          ports:
-            - name: https
-              containerPort: 10250
-              protocol: TCP
-          resources:
-            {{- toYaml .Values.resources | nindent 12 }}
-          volumeMounts:
-            - name: certs
-              mountPath: /tmp/cert-manager-webhook-ovh
-              readOnly: false
-      volumes:
-        - name: certs
-          emptyDir: {}
-      {{- with .Values.nodeSelector }}
-      nodeSelector:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.affinity }}
-      affinity:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.tolerations }}
-      tolerations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-

helm/cert-manager-webhook-ovh/ops/templates/mutating-webhook.yaml

@@ -1,22 +0,0 @@
-apiVersion: admissionregistration.k8s.io/v1
-kind: MutatingWebhookConfiguration
-metadata:
-  name: cert-manager-webhook-ovh
-  labels:
-    app: cert-manager-webhook-ovh
-webhooks:
-  - name: webhook.cert-manager.io
-    admissionReviewVersions: ["v1", "v1beta1"]
-    clientConfig:
-      service:
-        name: cert-manager-webhook-ovh
-        namespace: cert-manager-ops
-        path: "/mutate"
-    rules:
-      - apiGroups: ["acme.cert-manager.io"]
-        apiVersions: ["v1"]
-        operations: ["CREATE", "UPDATE"]
-        resources: ["challenges"]
-    sideEffects: None
-    failurePolicy: Fail
-

helm/cert-manager-webhook-ovh/ops/templates/rbac.yaml

@@ -1,28 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  name: cert-manager-webhook-ovh
-  namespace: cert-manager-ops
-  labels:
-    app: cert-manager-webhook-ovh
-rules:
-  - apiGroups: [""]
-    resources: ["secrets"]
-    verbs: ["get", "list", "watch"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: cert-manager-webhook-ovh
-  namespace: cert-manager-ops
-  labels:
-    app: cert-manager-webhook-ovh
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: cert-manager-webhook-ovh
-subjects:
-  - kind: ServiceAccount
-    name: {{ .Values.serviceAccount.name }}
-    namespace: cert-manager-ops
-

helm/cert-manager-webhook-ovh/ops/templates/service.yaml

@@ -1,17 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: cert-manager-webhook-ovh
-  namespace: cert-manager-ops
-  labels:
-    app: cert-manager-webhook-ovh
-spec:
-  type: {{ .Values.service.type }}
-  ports:
-    - port: {{ .Values.service.port }}
-      targetPort: https
-      protocol: TCP
-      name: https
-  selector:
-    app: cert-manager-webhook-ovh
-

helm/cert-manager-webhook-ovh/ops/templates/serviceaccount.yaml

@@ -1,8 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: {{ .Values.serviceAccount.name }}
-  namespace: cert-manager-ops
-  labels:
-    app: cert-manager-webhook-ovh
-

helm/cert-manager-webhook-ovh/ops/templates/validating-webhook.yaml

@@ -1,22 +0,0 @@
-apiVersion: admissionregistration.k8s.io/v1
-kind: ValidatingWebhookConfiguration
-metadata:
-  name: cert-manager-webhook-ovh
-  labels:
-    app: cert-manager-webhook-ovh
-webhooks:
-  - name: webhook.cert-manager.io
-    admissionReviewVersions: ["v1", "v1beta1"]
-    clientConfig:
-      service:
-        name: cert-manager-webhook-ovh
-        namespace: cert-manager-ops
-        path: "/validate"
-    rules:
-      - apiGroups: ["acme.cert-manager.io"]
-        apiVersions: ["v1"]
-        operations: ["CREATE", "UPDATE"]
-        resources: ["challenges"]
-    sideEffects: None
-    failurePolicy: Fail
-

helm/cert-manager-webhook-ovh/ops/values.yaml

@@ -1,34 +1,15 @@
 # Configuration pour cert-manager-webhook-ovh
 # Ce webhook permet à cert-manager d'utiliser OVH DNS-01 challenge pour les certificats wildcard
 
-replicaCount: 1
+cert-manager-webhook-ovh:
+  replicaCount: 1
 
-resources:
+  # Configuration du webhook
-  limits:
+  groupName: acme.gkdomaine.fr
-    cpu: 100m
-    memory: 128Mi
-  requests:
-    cpu: 50m
-    memory: 64Mi
 
-# Configuration du webhook
+  certManager:
-groupName: acme.gkdomaine.fr
+    # namespace in which your cert-manager is deployed
-
+    namespace: cert-manager-ops
-# RBAC
+    # cert-manager serverAccount name (default: cert-manager)
-serviceAccount:
+    serviceAccountName: cert-manager-ops
-  create: true
-  name: cert-manager-webhook-ovh
-
-# Service
-service:
-  type: ClusterIP
-  port: 443
-
-# Pod annotations
-podAnnotations: {}
-
-# Node selector, tolerations, etc.
-nodeSelector: {}
-tolerations: []
-affinity: {}