Changeset - 723ad82340d1
[Not reviewed]
default
1 2 1
drewp@bigasterisk.com - 2 years ago 2022-12-13 07:19:28
drewp@bigasterisk.com
code versions
3 files changed with 7 insertions and 9 deletions:
0 comments (0 inline, 0 general)
00-defs/49-cert-manager-crd.yaml
Show inline comments
 
# Source: cert-manager/templates/crd-templates.yaml
 
apiVersion: apiextensions.k8s.io/v1
 
kind: CustomResourceDefinition
 
metadata:
 
  name: certificaterequests.cert-manager.io
 
  labels:
 
    app: 'cert-manager'
 
    app.kubernetes.io/name: 'cert-manager'
 
    app.kubernetes.io/instance: 'cert-manager'
 
    # Generated labels
 
    app.kubernetes.io/version: "v1.9.1"
 
spec:
 
  group: cert-manager.io
 
  names:
 
    kind: CertificateRequest
 
    listKind: CertificateRequestList
 
    plural: certificaterequests
 
    shortNames:
 
      - cr
 
      - crs
 
    singular: certificaterequest
 
    categories:
 
      - cert-manager
 
@@ -199,25 +197,25 @@ spec:
 
      storage: true
 
---
 
# Source: cert-manager/templates/crd-templates.yaml
 
apiVersion: apiextensions.k8s.io/v1
 
kind: CustomResourceDefinition
 
metadata:
 
  name: certificates.cert-manager.io
 
  labels:
 
    app: 'cert-manager'
 
    app.kubernetes.io/name: 'cert-manager'
 
    app.kubernetes.io/instance: 'cert-manager'
 
    # Generated labels
 
    app.kubernetes.io/version: "v1.9.1"
 
    app.kubernetes.io/version: "v1.10.1"
 
spec:
 
  group: cert-manager.io
 
  names:
 
    kind: Certificate
 
    listKind: CertificateList
 
    plural: certificates
 
    shortNames:
 
      - cert
 
      - certs
 
    singular: certificate
 
    categories:
 
      - cert-manager
 
@@ -572,25 +570,25 @@ spec:
 
      storage: true
 
---
 
# Source: cert-manager/templates/crd-templates.yaml
 
apiVersion: apiextensions.k8s.io/v1
 
kind: CustomResourceDefinition
 
metadata:
 
  name: challenges.acme.cert-manager.io
 
  labels:
 
    app: 'cert-manager'
 
    app.kubernetes.io/name: 'cert-manager'
 
    app.kubernetes.io/instance: 'cert-manager'
 
    # Generated labels
 
    app.kubernetes.io/version: "v1.9.1"
 
    app.kubernetes.io/version: "v1.10.1"
 
spec:
 
  group: acme.cert-manager.io
 
  names:
 
    kind: Challenge
 
    listKind: ChallengeList
 
    plural: challenges
 
    singular: challenge
 
    categories:
 
      - cert-manager
 
      - cert-manager-acme
 
  scope: Namespaced
 
  versions:
 
@@ -1619,25 +1617,25 @@ spec:
 
        status: {}
 
---
 
# Source: cert-manager/templates/crd-templates.yaml
 
apiVersion: apiextensions.k8s.io/v1
 
kind: CustomResourceDefinition
 
metadata:
 
  name: clusterissuers.cert-manager.io
 
  labels:
 
    app: 'cert-manager'
 
    app.kubernetes.io/name: 'cert-manager'
 
    app.kubernetes.io/instance: 'cert-manager'
 
    # Generated labels
 
    app.kubernetes.io/version: "v1.9.1"
 
    app.kubernetes.io/version: "v1.10.1"
 
spec:
 
  group: cert-manager.io
 
  names:
 
    kind: ClusterIssuer
 
    listKind: ClusterIssuerList
 
    plural: clusterissuers
 
    singular: clusterissuer
 
    categories:
 
      - cert-manager
 
  scope: Cluster
 
  versions:
 
    - name: v1
 
@@ -2881,25 +2879,25 @@ spec:
 
      storage: true
 
---
 
# Source: cert-manager/templates/crd-templates.yaml
 
apiVersion: apiextensions.k8s.io/v1
 
kind: CustomResourceDefinition
 
metadata:
 
  name: issuers.cert-manager.io
 
  labels:
 
    app: 'cert-manager'
 
    app.kubernetes.io/name: 'cert-manager'
 
    app.kubernetes.io/instance: 'cert-manager'
 
    # Generated labels
 
    app.kubernetes.io/version: "v1.9.1"
 
    app.kubernetes.io/version: "v1.10.1"
 
spec:
 
  group: cert-manager.io
 
  names:
 
    kind: Issuer
 
    listKind: IssuerList
 
    plural: issuers
 
    singular: issuer
 
    categories:
 
      - cert-manager
 
  scope: Namespaced
 
  versions:
 
    - name: v1
 
@@ -4143,25 +4141,25 @@ spec:
 
      storage: true
 
---
 
# Source: cert-manager/templates/crd-templates.yaml
 
apiVersion: apiextensions.k8s.io/v1
 
kind: CustomResourceDefinition
 
metadata:
 
  name: orders.acme.cert-manager.io
 
  labels:
 
    app: 'cert-manager'
 
    app.kubernetes.io/name: 'cert-manager'
 
    app.kubernetes.io/instance: 'cert-manager'
 
    # Generated labels
 
    app.kubernetes.io/version: "v1.9.1"
 
    app.kubernetes.io/version: "v1.10.1"
 
spec:
 
  group: acme.cert-manager.io
 
  names:
 
    kind: Order
 
    listKind: OrderList
 
    plural: orders
 
    singular: order
 
    categories:
 
      - cert-manager
 
      - cert-manager-acme
 
  scope: Namespaced
 
  versions:
04-gen-secrets-job.yaml
Show inline comments
 
file renamed from kube/04-gen-secrets-job.yaml to 04-gen-secrets-job.yaml
 
@@ -12,25 +12,25 @@ spec:
 
        app.kubernetes.io/name: pomerium
 
      name: pomerium-gen-secrets
 
    spec:
 
      containers:
 
      - args:
 
        - gen-secrets
 
        - --secrets=$(POD_NAMESPACE)/bootstrap
 
        env:
 
        - name: POD_NAMESPACE
 
          valueFrom:
 
            fieldRef:
 
              fieldPath: metadata.namespace
 
        image: pomerium/ingress-controller:main
 
        image: pomerium/ingress-controller:sha-efe2d11
 
        imagePullPolicy: IfNotPresent
 
        name: gen-secrets
 
        securityContext:
 
          allowPrivilegeEscalation: false
 
      nodeSelector:
 
        kubernetes.io/os: linux
 
      restartPolicy: OnFailure
 
      securityContext:
 
        fsGroup: 1000
 
        runAsNonRoot: true
 
        runAsUser: 1000
 
      serviceAccountName: pomerium-gen-secrets
20-kube/20-pom-deploy.yaml
Show inline comments
 
@@ -21,25 +21,25 @@ spec:
 
          env:
 
            - { name: TMPDIR, value: /tmp }
 
            - { name: XDG_CACHE_HOME, value: /tmp }
 
            - name: POMERIUM_NAMESPACE
 
              valueFrom:
 
                fieldRef:
 
                  apiVersion: v1
 
                  fieldPath: metadata.namespace
 
            - name: POD_IP
 
              valueFrom:
 
                fieldRef:
 
                  fieldPath: status.podIP
 
          image: pomerium/ingress-controller:sha-5294279
 
          image: pomerium/ingress-controller:sha-efe2d11
 
          imagePullPolicy: IfNotPresent
 
          name: pomerium
 
          ports:
 
            - { containerPort: 8443, name: https, protocol: TCP }
 
            - { containerPort: 8080, name: http, protocol: TCP }
 
            - { containerPort: 9090, name: metrics, protocol: TCP }
 
          resources:
 
            limits: { cpu: 5000m, memory: 1Gi }
 
            requests: { cpu: 300m, memory: 200Mi }
 
          securityContext:
 
            allowPrivilegeEscalation: false
 
            readOnlyRootFilesystem: true
0 comments (0 inline, 0 general)