apiVersion: v1 kind: Namespace metadata: name: edge-injector labels: workload.edge.ncr.com: platform platform.edge.ncr.com/component: edge-injector annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: edge-injector pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a --- apiVersion: v1 kind: ServiceAccount metadata: name: edge-injector namespace: edge-injector labels: platform.edge.ncr.com/component: edge-injector annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: edge-injector pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a imagePullSecrets: - name: edge-docker-pull-secret --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: edge-injector labels: platform.edge.ncr.com/component: edge-injector annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: edge-injector pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a rules: - resources: - nodes - pods apiGroups: - "" verbs: - get - list - watch - resources: - nodes/status - pods/status - secrets/status apiGroups: - "" verbs: - get - watch - resources: - secrets apiGroups: - "" verbs: - create - delete - get - list - patch - update - watch - resources: - daemonsets - deployments - replicasets - statefulsets apiGroups: - apps verbs: - get - list - watch - resources: - couchdbusers apiGroups: - datasync.edge.ncr.com verbs: - create - get - list - patch - update - watch - resources: - couchdbusers/status apiGroups: - datasync.edge.ncr.com verbs: - get - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: edge-injector labels: platform.edge.ncr.com/component: edge-injector annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: edge-injector pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a roleRef: name: edge-injector kind: ClusterRole apiGroup: rbac.authorization.k8s.io subjects: - name: edge-injector namespace: edge-injector kind: ServiceAccount --- apiVersion: v1 kind: Service metadata: name: edge-injector namespace: edge-injector labels: platform.edge.ncr.com/component: edge-injector annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: edge-injector pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a spec: selector: platform.edge.ncr.com/component: edge-injector ports: - port: 443 targetPort: 8443 publishNotReadyAddresses: true --- apiVersion: apps/v1 kind: Deployment metadata: name: edge-injector labels: platform.edge.ncr.com/component: edge-injector namespace: edge-injector annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: edge-injector pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a spec: replicas: 1 selector: matchLabels: platform.edge.ncr.com/component: edge-injector template: metadata: labels: platform.edge.ncr.com/component: edge-injector annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: edge-injector pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a spec: serviceAccountName: edge-injector containers: - name: edge-injector image: us-east1-docker.pkg.dev/ret-edge-pltf-infra/workloads/edge-injector@sha256:21c6656f6066017fdb478618d50cf7c24d366d736c85364b6f3121ad9f7a5550 ports: - name: http protocol: TCP containerPort: 8443 resources: limits: cpu: "100m" volumeMounts: - name: cert readOnly: true mountPath: "/var/cert" imagePullPolicy: IfNotPresent volumes: - name: cert secret: secretName: edge-injector --- apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: edge-injector namespace: edge-injector labels: platform.edge.ncr.com/component: edge-injector annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: edge-injector pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a spec: commonName: edge-injector.edge-injector.svc dnsNames: - edge-injector.edge-injector.svc issuerRef: name: edge-injector secretName: edge-injector --- apiVersion: cert-manager.io/v1 kind: Issuer metadata: name: edge-injector namespace: edge-injector labels: platform.edge.ncr.com/component: edge-injector annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: edge-injector pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a spec: selfSigned: {} --- apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration metadata: name: edge-injector labels: platform.edge.ncr.com/component: edge-injector annotations: cert-manager.io/inject-ca-from: edge-injector/edge-injector pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: edge-injector pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a webhooks: - name: couchuser.datasync.edge.ncr.com admissionReviewVersions: - v1 clientConfig: service: name: edge-injector namespace: edge-injector port: 443 path: /mutating-create-update-pod-couchdb-secret failurePolicy: Ignore objectSelector: matchExpressions: - key: injector.edge.ncr.com/couchdb-user operator: Exists rules: - resources: ["pods"] apiGroups: [""] apiVersions: ["v1"] operations: ["CREATE", "UPDATE"] scope: "*" sideEffects: None - name: node.dsds.edge.ncr.com admissionReviewVersions: - v1 clientConfig: service: name: edge-injector namespace: edge-injector port: 443 path: /mutating-create-update-pod-node-secret failurePolicy: Ignore objectSelector: matchExpressions: - key: injector.edge.ncr.com/add-node-information operator: Exists rules: - resources: ["pods"] apiGroups: [""] apiVersions: ["v1"] operations: ["CREATE", "UPDATE"] scope: "*" sideEffects: None