1apiVersion: v1
2kind: Namespace
3metadata:
4 name: edge-injector
5 labels:
6 workload.edge.ncr.com: platform
7 platform.edge.ncr.com/component: edge-injector
8 annotations:
9 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
10 pallet.edge.ncr.com/name: edge-injector
11 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
12 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
13 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync'
14 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
15---
16apiVersion: v1
17kind: ServiceAccount
18metadata:
19 name: edge-injector
20 namespace: edge-injector
21 labels:
22 platform.edge.ncr.com/component: edge-injector
23 annotations:
24 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
25 pallet.edge.ncr.com/name: edge-injector
26 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
27 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
28 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync'
29 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
30imagePullSecrets:
31- name: edge-docker-pull-secret
32---
33apiVersion: rbac.authorization.k8s.io/v1
34kind: ClusterRole
35metadata:
36 name: edge-injector
37 labels:
38 platform.edge.ncr.com/component: edge-injector
39 annotations:
40 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
41 pallet.edge.ncr.com/name: edge-injector
42 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
43 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
44 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync'
45 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
46rules:
47- resources:
48 - nodes
49 - pods
50 apiGroups:
51 - ""
52 verbs:
53 - get
54 - list
55 - watch
56- resources:
57 - nodes/status
58 - pods/status
59 - secrets/status
60 apiGroups:
61 - ""
62 verbs:
63 - get
64 - watch
65- resources:
66 - secrets
67 apiGroups:
68 - ""
69 verbs:
70 - create
71 - delete
72 - get
73 - list
74 - patch
75 - update
76 - watch
77- resources:
78 - daemonsets
79 - deployments
80 - replicasets
81 - statefulsets
82 apiGroups:
83 - apps
84 verbs:
85 - get
86 - list
87 - watch
88- resources:
89 - couchdbusers
90 apiGroups:
91 - datasync.edge.ncr.com
92 verbs:
93 - create
94 - get
95 - list
96 - patch
97 - update
98 - watch
99- resources:
100 - couchdbusers/status
101 apiGroups:
102 - datasync.edge.ncr.com
103 verbs:
104 - get
105 - watch
106---
107apiVersion: rbac.authorization.k8s.io/v1
108kind: ClusterRoleBinding
109metadata:
110 name: edge-injector
111 labels:
112 platform.edge.ncr.com/component: edge-injector
113 annotations:
114 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
115 pallet.edge.ncr.com/name: edge-injector
116 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
117 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
118 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync'
119 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
120roleRef:
121 name: edge-injector
122 kind: ClusterRole
123 apiGroup: rbac.authorization.k8s.io
124subjects:
125- name: edge-injector
126 namespace: edge-injector
127 kind: ServiceAccount
128---
129apiVersion: v1
130kind: Service
131metadata:
132 name: edge-injector
133 namespace: edge-injector
134 labels:
135 platform.edge.ncr.com/component: edge-injector
136 annotations:
137 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
138 pallet.edge.ncr.com/name: edge-injector
139 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
140 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
141 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync'
142 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
143spec:
144 selector:
145 platform.edge.ncr.com/component: edge-injector
146 ports:
147 - port: 443
148 targetPort: 8443
149 publishNotReadyAddresses: true
150---
151apiVersion: apps/v1
152kind: Deployment
153metadata:
154 name: edge-injector
155 labels:
156 platform.edge.ncr.com/component: edge-injector
157 namespace: edge-injector
158 annotations:
159 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
160 pallet.edge.ncr.com/name: edge-injector
161 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
162 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
163 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync'
164 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
165spec:
166 replicas: 1
167 selector:
168 matchLabels:
169 platform.edge.ncr.com/component: edge-injector
170 template:
171 metadata:
172 labels:
173 platform.edge.ncr.com/component: edge-injector
174 annotations:
175 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
176 pallet.edge.ncr.com/name: edge-injector
177 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
178 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
179 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync'
180 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
181 spec:
182 serviceAccountName: edge-injector
183 containers:
184 - name: edge-injector
185 image: us-east1-docker.pkg.dev/ret-edge-pltf-infra/workloads/edge-injector@sha256:21c6656f6066017fdb478618d50cf7c24d366d736c85364b6f3121ad9f7a5550
186 ports:
187 - name: http
188 protocol: TCP
189 containerPort: 8443
190 resources:
191 limits:
192 cpu: "100m"
193 volumeMounts:
194 - name: cert
195 readOnly: true
196 mountPath: "/var/cert"
197 imagePullPolicy: IfNotPresent
198 volumes:
199 - name: cert
200 secret:
201 secretName: edge-injector
202---
203apiVersion: cert-manager.io/v1
204kind: Certificate
205metadata:
206 name: edge-injector
207 namespace: edge-injector
208 labels:
209 platform.edge.ncr.com/component: edge-injector
210 annotations:
211 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
212 pallet.edge.ncr.com/name: edge-injector
213 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
214 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
215 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync'
216 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
217spec:
218 commonName: edge-injector.edge-injector.svc
219 dnsNames:
220 - edge-injector.edge-injector.svc
221 issuerRef:
222 name: edge-injector
223 secretName: edge-injector
224---
225apiVersion: cert-manager.io/v1
226kind: Issuer
227metadata:
228 name: edge-injector
229 namespace: edge-injector
230 labels:
231 platform.edge.ncr.com/component: edge-injector
232 annotations:
233 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
234 pallet.edge.ncr.com/name: edge-injector
235 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
236 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
237 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync'
238 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
239spec:
240 selfSigned: {}
241---
242apiVersion: admissionregistration.k8s.io/v1
243kind: MutatingWebhookConfiguration
244metadata:
245 name: edge-injector
246 labels:
247 platform.edge.ncr.com/component: edge-injector
248 annotations:
249 cert-manager.io/inject-ca-from: edge-injector/edge-injector
250 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
251 pallet.edge.ncr.com/name: edge-injector
252 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
253 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
254 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync'
255 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
256webhooks:
257- name: couchuser.datasync.edge.ncr.com
258 admissionReviewVersions:
259 - v1
260 clientConfig:
261 service:
262 name: edge-injector
263 namespace: edge-injector
264 port: 443
265 path: /mutating-create-update-pod-couchdb-secret
266 failurePolicy: Ignore
267 objectSelector:
268 matchExpressions:
269 - key: injector.edge.ncr.com/couchdb-user
270 operator: Exists
271 rules:
272 - resources: ["pods"]
273 apiGroups: [""]
274 apiVersions: ["v1"]
275 operations: ["CREATE", "UPDATE"]
276 scope: "*"
277 sideEffects: None
278- name: node.dsds.edge.ncr.com
279 admissionReviewVersions:
280 - v1
281 clientConfig:
282 service:
283 name: edge-injector
284 namespace: edge-injector
285 port: 443
286 path: /mutating-create-update-pod-node-secret
287 failurePolicy: Ignore
288 objectSelector:
289 matchExpressions:
290 - key: injector.edge.ncr.com/add-node-information
291 operator: Exists
292 rules:
293 - resources: ["pods"]
294 apiGroups: [""]
295 apiVersions: ["v1"]
296 operations: ["CREATE", "UPDATE"]
297 scope: "*"
298 sideEffects: None
View as plain text