{{- $cert := "Cg==" }} {{- $certSecret := lookup "v1" "Secret" .Release.Namespace (include "cert-name" .) }} {{- if $certSecret }} {{- if (index ($certSecret.data) "tls.crt") }} {{- $cert = (index $certSecret.data "tls.crt") }} {{- end }} {{- end }} apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: {{- with .Values.clusterOwnerRefereces }} ownerReferences: {{- toYaml . | nindent 4 }} {{- end }} name: {{ .Release.Name }} namespace: {{ .Release.Namespace }} annotations: meta.helm.sh/release-name: {{ .Release.Name }} meta.helm.sh/release-namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/managed-by: Helm webhooks: - name: sgcluster.validating-webhook.stackgres.io sideEffects: None rules: - operations: ["CREATE", "UPDATE"] apiGroups: ["stackgres.io"] apiVersions: ["*"] resources: ["sgclusters"] failurePolicy: Fail clientConfig: service: namespace: {{ .Release.Namespace }} name: {{ .Release.Name }} path: '/stackgres/validation/sgcluster' caBundle: {{ $cert }} admissionReviewVersions: ["v1"] - name: sgpgconfig.validating-webhook.stackgres.io sideEffects: None rules: - operations: ["CREATE", "UPDATE", "DELETE"] apiGroups: ["stackgres.io"] apiVersions: ["*"] resources: ["sgpgconfigs"] failurePolicy: Fail clientConfig: service: namespace: {{ .Release.Namespace }} name: {{ .Release.Name }} path: '/stackgres/validation/sgpgconfig' caBundle: {{ $cert }} admissionReviewVersions: ["v1"] - name: sgpoolconfig.validating-webhook.stackgres.io sideEffects: None rules: - operations: ["CREATE", "UPDATE", "DELETE"] apiGroups: ["stackgres.io"] apiVersions: ["*"] resources: ["sgpoolconfigs"] failurePolicy: Fail clientConfig: service: namespace: {{ .Release.Namespace }} name: {{ .Release.Name }} path: '/stackgres/validation/sgpoolconfig' caBundle: {{ $cert }} admissionReviewVersions: ["v1"] - name: sginstanceprofile.validating-webhook.stackgres.io sideEffects: None rules: - operations: ["CREATE", "UPDATE", "DELETE"] apiGroups: ["stackgres.io"] apiVersions: ["*"] resources: ["sginstanceprofiles"] failurePolicy: Fail clientConfig: service: namespace: {{ .Release.Namespace }} name: {{ .Release.Name }} path: '/stackgres/validation/sginstanceprofile' caBundle: {{ $cert }} admissionReviewVersions: ["v1"] - name: sgbackupconfig.validating-webhook.stackgres.io sideEffects: None rules: - operations: ["CREATE", "UPDATE", "DELETE"] apiGroups: ["stackgres.io"] apiVersions: ["*"] resources: ["sgbackupconfigs"] failurePolicy: Fail clientConfig: service: namespace: {{ .Release.Namespace }} name: {{ .Release.Name }} path: '/stackgres/validation/sgbackupconfig' caBundle: {{ $cert }} admissionReviewVersions: ["v1"] - name: sgbackup.validating-webhook.stackgres.io sideEffects: None rules: - operations: ["CREATE", "UPDATE", "DELETE"] apiGroups: ["stackgres.io"] apiVersions: ["*"] resources: ["sgbackups"] failurePolicy: Fail clientConfig: service: namespace: {{ .Release.Namespace }} name: {{ .Release.Name }} path: '/stackgres/validation/sgbackup' caBundle: {{ $cert }} admissionReviewVersions: ["v1"] - name: sgdistributedlogs.validating-webhook.stackgres.io sideEffects: None rules: - operations: ["CREATE", "UPDATE", "DELETE"] apiGroups: ["stackgres.io"] apiVersions: ["*"] resources: ["sgdistributedlogs"] failurePolicy: Fail clientConfig: service: namespace: {{ .Release.Namespace }} name: {{ .Release.Name }} path: '/stackgres/validation/sgdistributedlogs' caBundle: {{ $cert }} admissionReviewVersions: ["v1"] - name: sgdbops.validating-webhook.stackgres.io sideEffects: None rules: - operations: ["CREATE", "UPDATE", "DELETE"] apiGroups: ["stackgres.io"] apiVersions: ["*"] resources: ["sgdbops"] failurePolicy: Fail clientConfig: service: namespace: {{ .Release.Namespace }} name: {{ .Release.Name }} path: '/stackgres/validation/sgdbops' caBundle: {{ $cert }} admissionReviewVersions: ["v1"] - name: sgobjectstorage.validating-webhook.stackgres.io sideEffects: None rules: - operations: ["CREATE", "UPDATE", "DELETE"] apiGroups: ["stackgres.io"] apiVersions: ["*"] resources: ["sgobjectstorages"] failurePolicy: Fail clientConfig: service: namespace: {{ .Release.Namespace }} name: {{ .Release.Name }} path: '/stackgres/validation/sgobjectstorage' caBundle: {{ $cert }} admissionReviewVersions: ["v1"] - name: sgscripts.validating-webhook.stackgres.io sideEffects: None rules: - operations: ["CREATE", "UPDATE", "DELETE"] apiGroups: ["stackgres.io"] apiVersions: ["*"] resources: ["sgscripts"] failurePolicy: Fail clientConfig: service: namespace: {{ .Release.Namespace }} name: {{ .Release.Name }} path: '/stackgres/validation/sgscript' caBundle: {{ $cert }} admissionReviewVersions: ["v1"] - name: sgshardedclusters.validating-webhook.stackgres.io sideEffects: None rules: - operations: ["CREATE", "UPDATE", "DELETE"] apiGroups: ["stackgres.io"] apiVersions: ["*"] resources: ["sgshardedclusters"] failurePolicy: Fail clientConfig: service: namespace: {{ .Release.Namespace }} name: {{ .Release.Name }} path: '/stackgres/validation/sgshardedcluster' caBundle: {{ $cert }} admissionReviewVersions: ["v1"] - name: sgshardedbackups.validating-webhook.stackgres.io sideEffects: None rules: - operations: ["CREATE", "UPDATE", "DELETE"] apiGroups: ["stackgres.io"] apiVersions: ["*"] resources: ["sgshardedbackups"] failurePolicy: Fail clientConfig: service: namespace: {{ .Release.Namespace }} name: {{ .Release.Name }} path: '/stackgres/validation/sgshardedbackup' caBundle: {{ $cert }} admissionReviewVersions: ["v1"] - name: sgshardeddbops.validating-webhook.stackgres.io sideEffects: None rules: - operations: ["CREATE", "UPDATE", "DELETE"] apiGroups: ["stackgres.io"] apiVersions: ["*"] resources: ["sgshardeddbops"] failurePolicy: Fail clientConfig: service: namespace: {{ .Release.Namespace }} name: {{ .Release.Name }} path: '/stackgres/validation/sgshardeddbops' caBundle: {{ $cert }} admissionReviewVersions: ["v1"]