1# Adds namespace to all resources.
2namespace: redpanda-system
3
4# Value of this field is prepended to the
5# names of all resources, e.g. a deployment named
6# "wordpress" becomes "alices-wordpress".
7# Note that it should also match with the prefix (text before '-') of the namespace
8# field above.
9namePrefix: redpanda-
10
11# Labels to add to all resources and selectors.
12#commonLabels:
13# someName: someValue
14
15resources:
16- ../crd
17- ../rbac
18- ../manager
19# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in
20# crd/kustomization.yaml
21- ../webhook
22# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required.
23- ../certmanager
24# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'.
25# - ../prometheus
26
27patchesStrategicMerge:
28# Protect the /metrics endpoint by putting it behind auth.
29# If you want your controller-manager to expose the /metrics
30# endpoint w/o any authn/z, please comment the following line.
31- manager_auth_proxy_patch.yaml
32
33# Mount the controller config file for loading manager configurations
34# through a ComponentConfig type
35#- manager_config_patch.yaml
36
37# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in
38# crd/kustomization.yaml
39- manager_webhook_patch.yaml
40
41# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'.
42# Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks.
43# 'CERTMANAGER' needs to be enabled to use ca injection
44- webhookcainjection_patch.yaml
45
46replacements:
47 - source: # Add cert-manager annotation to ValidatingWebhookConfiguration, MutatingWebhookConfiguration and CRDs
48 kind: Certificate
49 group: cert-manager.io
50 version: v1
51 name: serving-cert # this name should match the one in certificate.yaml
52 fieldPath: .metadata.namespace # namespace of the certificate CR
53 targets:
54 - select:
55 kind: ValidatingWebhookConfiguration
56 fieldPaths:
57 - .metadata.annotations.[cert-manager.io/inject-ca-from]
58 options:
59 delimiter: '/'
60 index: 0
61 create: true
62 - select:
63 kind: MutatingWebhookConfiguration
64 fieldPaths:
65 - .metadata.annotations.[cert-manager.io/inject-ca-from]
66 options:
67 delimiter: '/'
68 index: 0
69 create: true
70 - select:
71 kind: CustomResourceDefinition
72 fieldPaths:
73 - .metadata.annotations.[cert-manager.io/inject-ca-from]
74 options:
75 delimiter: '/'
76 index: 0
77 create: true
78 - source:
79 kind: Certificate
80 group: cert-manager.io
81 version: v1
82 name: serving-cert # this name should match the one in certificate.yaml
83 fieldPath: .metadata.name
84 targets:
85 - select:
86 kind: ValidatingWebhookConfiguration
87 fieldPaths:
88 - .metadata.annotations.[cert-manager.io/inject-ca-from]
89 options:
90 delimiter: '/'
91 index: 1
92 create: true
93 - select:
94 kind: MutatingWebhookConfiguration
95 fieldPaths:
96 - .metadata.annotations.[cert-manager.io/inject-ca-from]
97 options:
98 delimiter: '/'
99 index: 1
100 create: true
101 - select:
102 kind: CustomResourceDefinition
103 fieldPaths:
104 - .metadata.annotations.[cert-manager.io/inject-ca-from]
105 options:
106 delimiter: '/'
107 index: 1
108 create: true
109 - source: # Add cert-manager annotation to the webhook Service
110 kind: Service
111 version: v1
112 name: webhook-service
113 fieldPath: .metadata.name # namespace of the service
114 targets:
115 - select:
116 kind: Certificate
117 group: cert-manager.io
118 version: v1
119 fieldPaths:
120 - .spec.dnsNames.0
121 - .spec.dnsNames.1
122 options:
123 delimiter: '.'
124 index: 0
125 create: true
126 - source:
127 kind: Service
128 version: v1
129 name: webhook-service
130 fieldPath: .metadata.namespace # namespace of the service
131 targets:
132 - select:
133 kind: Certificate
134 group: cert-manager.io
135 version: v1
136 fieldPaths:
137 - .spec.dnsNames.0
138 - .spec.dnsNames.1
139 options:
140 delimiter: '.'
141 index: 1
142 create: true
View as plain text