rancher-charts/charts/rancher-gatekeeper/100.0.0+up3.5.1/templates/gatekeeper-validating-webho...

{{- if not .Values.disableValidatingWebhook }}
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
  labels:
    app: '{{ template "gatekeeper.name" . }}'
    chart: '{{ template "gatekeeper.name" . }}'
    gatekeeper.sh/system: "yes"
    heritage: '{{ .Release.Service }}'
    release: '{{ .Release.Name }}'
  name: gatekeeper-validating-webhook-configuration
webhooks:
- admissionReviewVersions:
  - v1
  - v1beta1
  clientConfig:
    service:
      name: gatekeeper-webhook-service
      namespace: '{{ .Release.Namespace }}'
      path: /v1/admit
  failurePolicy: Ignore
  matchPolicy: Exact
  name: validation.gatekeeper.sh
  namespaceSelector:
    matchExpressions:
    - key: admission.gatekeeper.sh/ignore
      operator: DoesNotExist
  rules:
  - apiGroups:
    - '*'
    apiVersions:
    - '*'
    operations: 
    - CREATE
    - UPDATE
    {{- if .Values.enableDeleteOperations }}
    - DELETE
    {{- end}}
    resources:
    - '*'
  sideEffects: None
  timeoutSeconds: {{ .Values.validatingWebhookTimeoutSeconds }}
- admissionReviewVersions:
  - v1
  - v1beta1
  clientConfig:
    service:
      name: gatekeeper-webhook-service
      namespace: '{{ .Release.Namespace }}'
      path: /v1/admitlabel
  failurePolicy: Fail
  matchPolicy: Exact
  name: check-ignore-label.gatekeeper.sh
  rules:
  - apiGroups:
    - ""
    apiVersions:
    - '*'
    operations:
    - CREATE
    - UPDATE
    resources:
    - namespaces
  sideEffects: None
  timeoutSeconds: {{ .Values.validatingWebhookTimeoutSeconds }}
{{- end }}
add charts 2021-08-30 16:48:23 +00:00			`{{- if not .Values.disableValidatingWebhook }}`
			`apiVersion: admissionregistration.k8s.io/v1`
			`kind: ValidatingWebhookConfiguration`
			`metadata:`
			`labels:`
			`app: '{{ template "gatekeeper.name" . }}'`
			`chart: '{{ template "gatekeeper.name" . }}'`
			`gatekeeper.sh/system: "yes"`
			`heritage: '{{ .Release.Service }}'`
			`release: '{{ .Release.Name }}'`
			`name: gatekeeper-validating-webhook-configuration`
			`webhooks:`
			`- admissionReviewVersions:`
			`- v1`
			`- v1beta1`
			`clientConfig:`
			`service:`
			`name: gatekeeper-webhook-service`
			`namespace: '{{ .Release.Namespace }}'`
			`path: /v1/admit`
			`failurePolicy: Ignore`
			`matchPolicy: Exact`
			`name: validation.gatekeeper.sh`
			`namespaceSelector:`
			`matchExpressions:`
			`- key: admission.gatekeeper.sh/ignore`
			`operator: DoesNotExist`
			`rules:`
			`- apiGroups:`
			`- '*'`
			`apiVersions:`
			`- '*'`
			`operations:`
			`- CREATE`
			`- UPDATE`
			`{{- if .Values.enableDeleteOperations }}`
			`- DELETE`
			`{{- end}}`
			`resources:`
			`- '*'`
			`sideEffects: None`
			`timeoutSeconds: {{ .Values.validatingWebhookTimeoutSeconds }}`
			`- admissionReviewVersions:`
			`- v1`
			`- v1beta1`
			`clientConfig:`
			`service:`
			`name: gatekeeper-webhook-service`
			`namespace: '{{ .Release.Namespace }}'`
			`path: /v1/admitlabel`
			`failurePolicy: Fail`
			`matchPolicy: Exact`
			`name: check-ignore-label.gatekeeper.sh`
			`rules:`
			`- apiGroups:`
			`- ""`
			`apiVersions:`
			`- '*'`
			`operations:`
			`- CREATE`
			`- UPDATE`
			`resources:`
			`- namespaces`
			`sideEffects: None`
			`timeoutSeconds: {{ .Values.validatingWebhookTimeoutSeconds }}`
			`{{- end }}`