1 # yamllint disable rule:hyphens rule:commas rule:indentation rule:brackets rule:line-length
8 apiVersion: rbac.authorization.k8s.io/v1
11 name: caas:danm-webhook
19 apiVersion: rbac.authorization.k8s.io/v1
20 kind: ClusterRoleBinding
22 name: caas:danm-webhook
24 apiGroup: rbac.authorization.k8s.io
26 name: caas:danm-webhook
28 - kind: ServiceAccount
30 namespace: kube-system
32 apiVersion: admissionregistration.k8s.io/v1beta1
33 kind: MutatingWebhookConfiguration
35 name: danm-webhook-config
36 namespace: kube-system
38 - name: danm-netvalidation.nokia.k8s.io
41 name: danm-webhook-svc
42 namespace: kube-system
43 path: "/netvalidation"
44 # Configure your pre-generated certificate matching the details of your environment
47 - operations: ["CREATE","UPDATE"]
48 apiGroups: ["danm.k8s.io"]
50 resources: ["danmnets","clusternetworks","tenantnetworks"]
52 - name: danm-configvalidation.nokia.k8s.io
55 name: danm-webhook-svc
56 namespace: kube-system
57 path: "/confvalidation"
58 # Configure your pre-generated certificate matching the details of your environment
61 - operations: ["CREATE","UPDATE"]
62 apiGroups: ["danm.k8s.io"]
64 resources: ["tenantconfigs"]
66 - name: danm-netdeletion.nokia.k8s.io
69 name: danm-webhook-svc
70 namespace: kube-system
72 # Configure your pre-generated certificate matching the details of your environment
75 - operations: ["DELETE"]
76 apiGroups: ["danm.k8s.io"]
78 resources: ["tenantnetworks"]
84 name: danm-webhook-svc
85 namespace: kube-system
99 name: danm-webhook-deployment
100 namespace: kube-system
110 # Adapt to your own network environment!
111 danm.k8s.io/interfaces: |
121 serviceAccountName: danm-webhook
125 command: [ "/usr/local/bin/webhook", "-tls-cert-bundle=/etc/webhook/certs/danm_webhook.crt", "-tls-private-key-file=/etc/webhook/certs/danm_webhook.key", "bind-port=8443" ]
126 imagePullPolicy: IfNotPresent
128 - name: webhook-certs
129 mountPath: /etc/webhook/certs
131 # Configure the directory holding the Webhook's server certificates
133 - name: webhook-certs
135 path: /etc/kubernetes/ssl/