Mercurial > code > home > repos > pomerium
changeset 8:723ad82340d1
code versions
| author | drewp@bigasterisk.com |
|---|---|
| date | Mon, 12 Dec 2022 23:19:28 -0800 |
| parents | 0071c165e990 |
| children | c9e2108bb271 |
| files | 00-defs/49-cert-manager-crd.yaml 04-gen-secrets-job.yaml 20-kube/20-pom-deploy.yaml kube/04-gen-secrets-job.yaml |
| diffstat | 4 files changed, 42 insertions(+), 44 deletions(-) [+] |
line wrap: on
line diff
--- a/00-defs/49-cert-manager-crd.yaml Mon Dec 12 23:18:39 2022 -0800 +++ b/00-defs/49-cert-manager-crd.yaml Mon Dec 12 23:19:28 2022 -0800 @@ -7,8 +7,6 @@ app: 'cert-manager' app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' - # Generated labels - app.kubernetes.io/version: "v1.9.1" spec: group: cert-manager.io names: @@ -208,7 +206,7 @@ app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.9.1" + app.kubernetes.io/version: "v1.10.1" spec: group: cert-manager.io names: @@ -581,7 +579,7 @@ app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.9.1" + app.kubernetes.io/version: "v1.10.1" spec: group: acme.cert-manager.io names: @@ -1628,7 +1626,7 @@ app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.9.1" + app.kubernetes.io/version: "v1.10.1" spec: group: cert-manager.io names: @@ -2890,7 +2888,7 @@ app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.9.1" + app.kubernetes.io/version: "v1.10.1" spec: group: cert-manager.io names: @@ -4152,7 +4150,7 @@ app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.9.1" + app.kubernetes.io/version: "v1.10.1" spec: group: acme.cert-manager.io names:
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/04-gen-secrets-job.yaml Mon Dec 12 23:19:28 2022 -0800 @@ -0,0 +1,36 @@ +apiVersion: batch/v1 +kind: Job +metadata: + labels: + app.kubernetes.io/name: pomerium + name: pomerium-gen-secrets + namespace: pomerium +spec: + template: + metadata: + labels: + app.kubernetes.io/name: pomerium + name: pomerium-gen-secrets + spec: + containers: + - args: + - gen-secrets + - --secrets=$(POD_NAMESPACE)/bootstrap + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: pomerium/ingress-controller:sha-efe2d11 + imagePullPolicy: IfNotPresent + name: gen-secrets + securityContext: + allowPrivilegeEscalation: false + nodeSelector: + kubernetes.io/os: linux + restartPolicy: OnFailure + securityContext: + fsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + serviceAccountName: pomerium-gen-secrets
--- a/20-kube/20-pom-deploy.yaml Mon Dec 12 23:18:39 2022 -0800 +++ b/20-kube/20-pom-deploy.yaml Mon Dec 12 23:19:28 2022 -0800 @@ -30,7 +30,7 @@ valueFrom: fieldRef: fieldPath: status.podIP - image: pomerium/ingress-controller:sha-5294279 + image: pomerium/ingress-controller:sha-efe2d11 imagePullPolicy: IfNotPresent name: pomerium ports:
--- a/kube/04-gen-secrets-job.yaml Mon Dec 12 23:18:39 2022 -0800 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,36 +0,0 @@ -apiVersion: batch/v1 -kind: Job -metadata: - labels: - app.kubernetes.io/name: pomerium - name: pomerium-gen-secrets - namespace: pomerium -spec: - template: - metadata: - labels: - app.kubernetes.io/name: pomerium - name: pomerium-gen-secrets - spec: - containers: - - args: - - gen-secrets - - --secrets=$(POD_NAMESPACE)/bootstrap - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: pomerium/ingress-controller:main - imagePullPolicy: IfNotPresent - name: gen-secrets - securityContext: - allowPrivilegeEscalation: false - nodeSelector: - kubernetes.io/os: linux - restartPolicy: OnFailure - securityContext: - fsGroup: 1000 - runAsNonRoot: true - runAsUser: 1000 - serviceAccountName: pomerium-gen-secrets