alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 2 Actions Activity

Automated Manifest Update #4583

Merged
alexlebens merged 1 commits from auto/update-manifests into manifests 2026-03-10 19:45:34 +00:00
Conversation 0 Commits 1 Files Changed 53 +251 -184
53 changed files with 251 additions and 184 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-cainjector.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cainjector
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "cainjector"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
rules:
- apiGroups: ["cert-manager.io"]
resources: ["certificates"]

4
clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-cluster-view.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
rbac.authorization.k8s.io/aggregate-to-cluster-reader: "true"
rules:
- apiGroups: ["cert-manager.io"]

4
clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-approve:cert-manager-io.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "cert-manager"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
rules:
- apiGroups: ["cert-manager.io"]
resources: ["signers"]

4
clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-certificates.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
rules:
- apiGroups: ["cert-manager.io"]
resources: ["certificates", "certificates/status", "certificaterequests", "certificaterequests/status"]

4
clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-certificatesigningrequests.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "cert-manager"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
rules:
- apiGroups: ["certificates.k8s.io"]
resources: ["certificatesigningrequests"]

4
clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-challenges.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
rules:
- apiGroups: ["acme.cert-manager.io"]
resources: ["challenges", "challenges/status"]

4
clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-clusterissuers.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
rules:
- apiGroups: ["cert-manager.io"]
resources: ["clusterissuers", "clusterissuers/status"]

8
clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-ingress-shim.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
rules:
- apiGroups: ["cert-manager.io"]
resources: ["certificates", "certificaterequests"]
@@ -24,10 +24,10 @@ rules:
resources: ["ingresses/finalizers"]
verbs: ["update"]
- apiGroups: ["gateway.networking.k8s.io"]
resources: ["gateways", "httproutes"]
resources: ["gateways", "httproutes", "listenersets"]
verbs: ["get", "list", "watch"]
- apiGroups: ["gateway.networking.k8s.io"]
resources: ["gateways/finalizers", "httproutes/finalizers"]
resources: ["gateways/finalizers", "httproutes/finalizers", "listenersets/finalizers"]
verbs: ["update"]
- apiGroups: [""]
resources: ["events"]

4
clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-issuers.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
rules:
- apiGroups: ["cert-manager.io"]
resources: ["issuers", "issuers/status"]

4
clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-orders.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
rules:
- apiGroups: ["acme.cert-manager.io"]
resources: ["orders", "orders/status"]

4
clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-edit.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rules:

4
clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-view.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-admin: "true"

4
clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-webhook:subjectaccessreviews.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: webhook
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "webhook"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
rules:
- apiGroups: ["authorization.k8s.io"]
resources: ["subjectaccessreviews"]

4
clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-cainjector.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cainjector
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "cainjector"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole

4
clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-approve:cert-manager-io.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "cert-manager"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole

4
clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-certificates.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole

4
clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-certificatesigningrequests.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "cert-manager"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole

4
clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-challenges.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole

4
clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-clusterissuers.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole

4
clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-ingress-shim.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole

4
clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-issuers.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole

4
clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-orders.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole

4
clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-webhook:subjectaccessreviews.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: webhook
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "webhook"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole

8
clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-certificaterequests.cert-manager.io.yaml
View File

@@ -9,9 +9,9 @@ metadata:
app.kubernetes.io/name: "cert-manager"
app.kubernetes.io/instance: "cert-manager"
app.kubernetes.io/component: "crds"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
spec:
group: cert-manager.io
names:
@@ -315,6 +315,10 @@ spec:
type: string
type: object
type: object
selectableFields:
- jsonPath: .spec.issuerRef.group
- jsonPath: .spec.issuerRef.kind
- jsonPath: .spec.issuerRef.name
served: true
storage: true
subresources:

11
clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-certificates.cert-manager.io.yaml
View File

@@ -9,9 +9,9 @@ metadata:
app.kubernetes.io/name: "cert-manager"
app.kubernetes.io/instance: "cert-manager"
app.kubernetes.io/component: "crds"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
spec:
group: cert-manager.io
names:
@@ -454,9 +454,6 @@ spec:
will be generated whenever a re-issuance occurs.
Default is `Always`.
The default was changed from `Never` to `Always` in cert-manager >=v1.18.0.
The new default can be disabled by setting the
`--feature-gates=DefaultPrivateKeyRotationPolicyAlways=false` option on
the controller component.
enum:
- Never
- Always
@@ -812,6 +809,10 @@ spec:
type: integer
type: object
type: object
selectableFields:
- jsonPath: .spec.issuerRef.group
- jsonPath: .spec.issuerRef.kind
- jsonPath: .spec.issuerRef.name
served: true
storage: true
subresources:

44
clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-challenges.acme.cert-manager.io.yaml
View File

@@ -9,9 +9,9 @@ metadata:
app.kubernetes.io/name: "cert-manager"
app.kubernetes.io/instance: "cert-manager"
app.kubernetes.io/component: "crds"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
spec:
group: acme.cert-manager.io
names:
@@ -286,6 +286,22 @@ spec:
The TenantID of the Azure Service Principal used to authenticate with Azure DNS.
If set, ClientID and ClientSecret must also be set.
type: string
zoneType:
description: |-
ZoneType determines which type of Azure DNS zone to use.
Valid values are:
- AzurePublicZone (default): Use a public Azure DNS zone.
- AzurePrivateZone: Use an Azure Private DNS zone.
If not specified, AzurePublicZone is used.
Support for Azure Private DNS zones is currently
experimental and may change in future releases.
enum:
- AzurePublicZone
- AzurePrivateZone
type: string
required:
- resourceGroupName
- subscriptionID
@@ -409,7 +425,7 @@ spec:
description: |-
The IP address or hostname of an authoritative DNS server supporting
RFC2136 in the form host:port. If the host is an IPv6 address it must be
enclosed in square brackets (e.g [2001:db8::1]) ; port is optional.
enclosed in square brackets (e.g [2001:db8::1]); port is optional.
This field is required.
type: string
protocol:
@@ -459,8 +475,8 @@ spec:
description: |-
The AccessKeyID is used for authentication.
Cannot be set when SecretAccessKeyID is set.
If neither the Access Key nor Key ID are set, we fall-back to using env
vars, shared credentials file or AWS Instance metadata,
If neither the Access Key nor Key ID are set, we fall back to using env
vars, shared credentials file, or AWS Instance metadata,
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
type: string
accessKeyIDSecretRef:
@@ -468,8 +484,8 @@ spec:
The SecretAccessKey is used for authentication. If set, pull the AWS
access key ID from a key within a Kubernetes Secret.
Cannot be set when AccessKeyID is set.
If neither the Access Key nor Key ID are set, we fall-back to using env
vars, shared credentials file or AWS Instance metadata,
If neither the Access Key nor Key ID are set, we fall back to using env
vars, shared credentials file, or AWS Instance metadata,
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
properties:
key:
@@ -558,8 +574,8 @@ spec:
secretAccessKeySecretRef:
description: |-
The SecretAccessKey is used for authentication.
If neither the Access Key nor Key ID are set, we fall-back to using env
vars, shared credentials file or AWS Instance metadata,
If neither the Access Key nor Key ID are set, we fall back to using env
vars, shared credentials file, or AWS Instance metadata,
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
properties:
key:
@@ -1916,9 +1932,10 @@ spec:
operator:
description: |-
Operator represents a key's relationship to the value.
Valid operators are Exists and Equal. Defaults to Equal.
Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.
Exists is equivalent to wildcard for value, so that a pod can
tolerate all taints of a particular category.
Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).
type: string
tolerationSeconds:
description: |-
@@ -3127,9 +3144,10 @@ spec:
operator:
description: |-
Operator represents a key's relationship to the value.
Valid operators are Exists and Equal. Defaults to Equal.
Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.
Exists is equivalent to wildcard for value, so that a pod can
tolerate all taints of a particular category.
Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).
type: string
tolerationSeconds:
description: |-
@@ -3277,6 +3295,10 @@ spec:
- metadata
- spec
type: object
selectableFields:
- jsonPath: .spec.issuerRef.group
- jsonPath: .spec.issuerRef.kind
- jsonPath: .spec.issuerRef.name
served: true
storage: true
subresources:

72
clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-clusterissuers.cert-manager.io.yaml
View File

@@ -9,9 +9,9 @@ metadata:
app.kubernetes.io/name: "cert-manager"
app.kubernetes.io/instance: "cert-manager"
app.kubernetes.io/component: "crds"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
spec:
group: cert-manager.io
names:
@@ -399,6 +399,22 @@ spec:
The TenantID of the Azure Service Principal used to authenticate with Azure DNS.
If set, ClientID and ClientSecret must also be set.
type: string
zoneType:
description: |-
ZoneType determines which type of Azure DNS zone to use.
Valid values are:
- AzurePublicZone (default): Use a public Azure DNS zone.
- AzurePrivateZone: Use an Azure Private DNS zone.
If not specified, AzurePublicZone is used.
Support for Azure Private DNS zones is currently
experimental and may change in future releases.
enum:
- AzurePublicZone
- AzurePrivateZone
type: string
required:
- resourceGroupName
- subscriptionID
@@ -522,7 +538,7 @@ spec:
description: |-
The IP address or hostname of an authoritative DNS server supporting
RFC2136 in the form host:port. If the host is an IPv6 address it must be
enclosed in square brackets (e.g [2001:db8::1]) ; port is optional.
enclosed in square brackets (e.g [2001:db8::1]); port is optional.
This field is required.
type: string
protocol:
@@ -572,8 +588,8 @@ spec:
description: |-
The AccessKeyID is used for authentication.
Cannot be set when SecretAccessKeyID is set.
If neither the Access Key nor Key ID are set, we fall-back to using env
vars, shared credentials file or AWS Instance metadata,
If neither the Access Key nor Key ID are set, we fall back to using env
vars, shared credentials file, or AWS Instance metadata,
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
type: string
accessKeyIDSecretRef:
@@ -581,8 +597,8 @@ spec:
The SecretAccessKey is used for authentication. If set, pull the AWS
access key ID from a key within a Kubernetes Secret.
Cannot be set when AccessKeyID is set.
If neither the Access Key nor Key ID are set, we fall-back to using env
vars, shared credentials file or AWS Instance metadata,
If neither the Access Key nor Key ID are set, we fall back to using env
vars, shared credentials file, or AWS Instance metadata,
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
properties:
key:
@@ -671,8 +687,8 @@ spec:
secretAccessKeySecretRef:
description: |-
The SecretAccessKey is used for authentication.
If neither the Access Key nor Key ID are set, we fall-back to using env
vars, shared credentials file or AWS Instance metadata,
If neither the Access Key nor Key ID are set, we fall back to using env
vars, shared credentials file, or AWS Instance metadata,
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
properties:
key:
@@ -2029,9 +2045,10 @@ spec:
operator:
description: |-
Operator represents a key's relationship to the value.
Valid operators are Exists and Equal. Defaults to Equal.
Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.
Exists is equivalent to wildcard for value, so that a pod can
tolerate all taints of a particular category.
Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).
type: string
tolerationSeconds:
description: |-
@@ -3240,9 +3257,10 @@ spec:
operator:
description: |-
Operator represents a key's relationship to the value.
Valid operators are Exists and Equal. Defaults to Equal.
Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.
Exists is equivalent to wildcard for value, so that a pod can
tolerate all taints of a particular category.
Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).
type: string
tolerationSeconds:
description: |-
@@ -3499,8 +3517,8 @@ spec:
properties:
audiences:
description: |-
TokenAudiences is an optional list of extra audiences to include in the token passed to Vault. The default token
consisting of the issuer's namespace and name is always included.
TokenAudiences is an optional list of extra audiences to include in the token passed to Vault.
The default audiences are always included in the token.
items:
type: string
type: array
@@ -3628,16 +3646,16 @@ spec:
type: object
venafi:
description: |-
Venafi configures this issuer to sign certificates using a Venafi TPP
or Venafi Cloud policy zone.
Venafi configures this issuer to sign certificates using a CyberArk Certificate Manager Self-Hosted
or SaaS policy zone.
properties:
cloud:
description: |-
Cloud specifies the Venafi cloud configuration settings.
Only one of TPP or Cloud may be specified.
Cloud specifies the CyberArk Certificate Manager SaaS configuration settings.
Only one of CyberArk Certificate Manager may be specified.
properties:
apiTokenSecretRef:
description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token.
description: APITokenSecretRef is a secret key selector for the CyberArk Certificate Manager SaaS API token.
properties:
key:
description: |-
@@ -3655,7 +3673,7 @@ spec:
type: object
url:
description: |-
URL is the base URL for Venafi Cloud.
URL is the base URL for CyberArk Certificate Manager SaaS.
Defaults to "https://api.venafi.cloud/".
type: string
required:
@@ -3663,13 +3681,13 @@ spec:
type: object
tpp:
description: |-
TPP specifies Trust Protection Platform configuration settings.
Only one of TPP or Cloud may be specified.
TPP specifies CyberArk Certificate Manager Self-Hosted configuration settings.
Only one of CyberArk Certificate Manager may be specified.
properties:
caBundle:
description: |-
Base64-encoded bundle of PEM CAs which will be used to validate the certificate
chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP.
chain presented by the CyberArk Certificate Manager Self-Hosted server. Only used if using HTTPS; ignored for HTTP.
If undefined, the certificate bundle in the cert-manager controller container
is used to validate the chain.
format: byte
@@ -3677,7 +3695,7 @@ spec:
caBundleSecretRef:
description: |-
Reference to a Secret containing a base64-encoded bundle of PEM CAs
which will be used to validate the certificate chain presented by the TPP server.
which will be used to validate the certificate chain presented by the CyberArk Certificate Manager Self-Hosted server.
Only used if using HTTPS; ignored for HTTP. Mutually exclusive with CABundle.
If neither CABundle nor CABundleSecretRef is defined, the certificate bundle in
the cert-manager controller container is used to validate the TLS connection.
@@ -3698,7 +3716,7 @@ spec:
type: object
credentialsRef:
description: |-
CredentialsRef is a reference to a Secret containing the Venafi TPP API credentials.
CredentialsRef is a reference to a Secret containing the CyberArk Certificate Manager Self-Hosted API credentials.
The secret must contain the key 'access-token' for the Access Token Authentication,
or two keys, 'username' and 'password' for the API Keys Authentication.
properties:
@@ -3712,7 +3730,7 @@ spec:
type: object
url:
description: |-
URL is the base URL for the vedsdk endpoint of the Venafi TPP instance,
URL is the base URL for the vedsdk endpoint of the CyberArk Certificate Manager Self-Hosted instance,
for example: "https://tpp.example.com/vedsdk".
type: string
required:
@@ -3721,8 +3739,8 @@ spec:
type: object
zone:
description: |-
Zone is the Venafi Policy Zone to use for this issuer.
All requests made to the Venafi platform will be restricted by the named
Zone is the Certificate Manager Policy Zone to use for this issuer.
All requests made to the Certificate Manager platform will be restricted by the named
zone policy.
This field is required.
type: string

72
clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-issuers.cert-manager.io.yaml
View File

@@ -9,9 +9,9 @@ metadata:
app.kubernetes.io/name: "cert-manager"
app.kubernetes.io/instance: "cert-manager"
app.kubernetes.io/component: "crds"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
spec:
group: cert-manager.io
names:
@@ -398,6 +398,22 @@ spec:
The TenantID of the Azure Service Principal used to authenticate with Azure DNS.
If set, ClientID and ClientSecret must also be set.
type: string
zoneType:
description: |-
ZoneType determines which type of Azure DNS zone to use.
Valid values are:
- AzurePublicZone (default): Use a public Azure DNS zone.
- AzurePrivateZone: Use an Azure Private DNS zone.
If not specified, AzurePublicZone is used.
Support for Azure Private DNS zones is currently
experimental and may change in future releases.
enum:
- AzurePublicZone
- AzurePrivateZone
type: string
required:
- resourceGroupName
- subscriptionID
@@ -521,7 +537,7 @@ spec:
description: |-
The IP address or hostname of an authoritative DNS server supporting
RFC2136 in the form host:port. If the host is an IPv6 address it must be
enclosed in square brackets (e.g [2001:db8::1]) ; port is optional.
enclosed in square brackets (e.g [2001:db8::1]); port is optional.
This field is required.
type: string
protocol:
@@ -571,8 +587,8 @@ spec:
description: |-
The AccessKeyID is used for authentication.
Cannot be set when SecretAccessKeyID is set.
If neither the Access Key nor Key ID are set, we fall-back to using env
vars, shared credentials file or AWS Instance metadata,
If neither the Access Key nor Key ID are set, we fall back to using env
vars, shared credentials file, or AWS Instance metadata,
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
type: string
accessKeyIDSecretRef:
@@ -580,8 +596,8 @@ spec:
The SecretAccessKey is used for authentication. If set, pull the AWS
access key ID from a key within a Kubernetes Secret.
Cannot be set when AccessKeyID is set.
If neither the Access Key nor Key ID are set, we fall-back to using env
vars, shared credentials file or AWS Instance metadata,
If neither the Access Key nor Key ID are set, we fall back to using env
vars, shared credentials file, or AWS Instance metadata,
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
properties:
key:
@@ -670,8 +686,8 @@ spec:
secretAccessKeySecretRef:
description: |-
The SecretAccessKey is used for authentication.
If neither the Access Key nor Key ID are set, we fall-back to using env
vars, shared credentials file or AWS Instance metadata,
If neither the Access Key nor Key ID are set, we fall back to using env
vars, shared credentials file, or AWS Instance metadata,
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
properties:
key:
@@ -2028,9 +2044,10 @@ spec:
operator:
description: |-
Operator represents a key's relationship to the value.
Valid operators are Exists and Equal. Defaults to Equal.
Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.
Exists is equivalent to wildcard for value, so that a pod can
tolerate all taints of a particular category.
Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).
type: string
tolerationSeconds:
description: |-
@@ -3239,9 +3256,10 @@ spec:
operator:
description: |-
Operator represents a key's relationship to the value.
Valid operators are Exists and Equal. Defaults to Equal.
Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.
Exists is equivalent to wildcard for value, so that a pod can
tolerate all taints of a particular category.
Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).
type: string
tolerationSeconds:
description: |-
@@ -3498,8 +3516,8 @@ spec:
properties:
audiences:
description: |-
TokenAudiences is an optional list of extra audiences to include in the token passed to Vault. The default token
consisting of the issuer's namespace and name is always included.
TokenAudiences is an optional list of extra audiences to include in the token passed to Vault.
The default audiences are always included in the token.
items:
type: string
type: array
@@ -3627,16 +3645,16 @@ spec:
type: object
venafi:
description: |-
Venafi configures this issuer to sign certificates using a Venafi TPP
or Venafi Cloud policy zone.
Venafi configures this issuer to sign certificates using a CyberArk Certificate Manager Self-Hosted
or SaaS policy zone.
properties:
cloud:
description: |-
Cloud specifies the Venafi cloud configuration settings.
Only one of TPP or Cloud may be specified.
Cloud specifies the CyberArk Certificate Manager SaaS configuration settings.
Only one of CyberArk Certificate Manager may be specified.
properties:
apiTokenSecretRef:
description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token.
description: APITokenSecretRef is a secret key selector for the CyberArk Certificate Manager SaaS API token.
properties:
key:
description: |-
@@ -3654,7 +3672,7 @@ spec:
type: object
url:
description: |-
URL is the base URL for Venafi Cloud.
URL is the base URL for CyberArk Certificate Manager SaaS.
Defaults to "https://api.venafi.cloud/".
type: string
required:
@@ -3662,13 +3680,13 @@ spec:
type: object
tpp:
description: |-
TPP specifies Trust Protection Platform configuration settings.
Only one of TPP or Cloud may be specified.
TPP specifies CyberArk Certificate Manager Self-Hosted configuration settings.
Only one of CyberArk Certificate Manager may be specified.
properties:
caBundle:
description: |-
Base64-encoded bundle of PEM CAs which will be used to validate the certificate
chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP.
chain presented by the CyberArk Certificate Manager Self-Hosted server. Only used if using HTTPS; ignored for HTTP.
If undefined, the certificate bundle in the cert-manager controller container
is used to validate the chain.
format: byte
@@ -3676,7 +3694,7 @@ spec:
caBundleSecretRef:
description: |-
Reference to a Secret containing a base64-encoded bundle of PEM CAs
which will be used to validate the certificate chain presented by the TPP server.
which will be used to validate the certificate chain presented by the CyberArk Certificate Manager Self-Hosted server.
Only used if using HTTPS; ignored for HTTP. Mutually exclusive with CABundle.
If neither CABundle nor CABundleSecretRef is defined, the certificate bundle in
the cert-manager controller container is used to validate the TLS connection.
@@ -3697,7 +3715,7 @@ spec:
type: object
credentialsRef:
description: |-
CredentialsRef is a reference to a Secret containing the Venafi TPP API credentials.
CredentialsRef is a reference to a Secret containing the CyberArk Certificate Manager Self-Hosted API credentials.
The secret must contain the key 'access-token' for the Access Token Authentication,
or two keys, 'username' and 'password' for the API Keys Authentication.
properties:
@@ -3711,7 +3729,7 @@ spec:
type: object
url:
description: |-
URL is the base URL for the vedsdk endpoint of the Venafi TPP instance,
URL is the base URL for the vedsdk endpoint of the CyberArk Certificate Manager Self-Hosted instance,
for example: "https://tpp.example.com/vedsdk".
type: string
required:
@@ -3720,8 +3738,8 @@ spec:
type: object
zone:
description: |-
Zone is the Venafi Policy Zone to use for this issuer.
All requests made to the Venafi platform will be restricted by the named
Zone is the Certificate Manager Policy Zone to use for this issuer.
All requests made to the Certificate Manager platform will be restricted by the named
zone policy.
This field is required.
type: string

8
clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-orders.acme.cert-manager.io.yaml
View File

@@ -9,9 +9,9 @@ metadata:
app.kubernetes.io/name: "cert-manager"
app.kubernetes.io/instance: "cert-manager"
app.kubernetes.io/component: "crds"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
spec:
group: acme.cert-manager.io
names:
@@ -270,6 +270,10 @@ spec:
- metadata
- spec
type: object
selectableFields:
- jsonPath: .spec.issuerRef.group
- jsonPath: .spec.issuerRef.kind
- jsonPath: .spec.issuerRef.name
served: true
storage: true
subresources:

10
clusters/cl01tl/manifests/cert-manager/Deployment-cert-manager-cainjector.yaml
View File

@@ -8,9 +8,9 @@ metadata:
app.kubernetes.io/name: cainjector
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "cainjector"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
spec:
replicas: 2
selector:
@@ -25,9 +25,9 @@ spec:
app.kubernetes.io/name: cainjector
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "cainjector"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
spec:
serviceAccountName: cert-manager-cainjector
enableServiceLinks: false
@@ -37,7 +37,7 @@ spec:
type: RuntimeDefault
containers:
- name: cert-manager-cainjector
image: "quay.io/jetstack/cert-manager-cainjector:v1.19.4"
image: "quay.io/jetstack/cert-manager-cainjector:v1.20.0"
imagePullPolicy: IfNotPresent
args:
- --v=2

10
clusters/cl01tl/manifests/cert-manager/Deployment-cert-manager-webhook.yaml
View File

@@ -8,9 +8,9 @@ metadata:
app.kubernetes.io/name: webhook
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "webhook"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
spec:
replicas: 1
selector:
@@ -25,9 +25,9 @@ spec:
app.kubernetes.io/name: webhook
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "webhook"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
spec:
serviceAccountName: cert-manager-webhook
enableServiceLinks: false
@@ -37,7 +37,7 @@ spec:
type: RuntimeDefault
containers:
- name: cert-manager-webhook
image: "quay.io/jetstack/cert-manager-webhook:v1.19.4"
image: "quay.io/jetstack/cert-manager-webhook:v1.20.0"
imagePullPolicy: IfNotPresent
args:
- --v=2

12
clusters/cl01tl/manifests/cert-manager/Deployment-cert-manager.yaml
View File

@@ -8,9 +8,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
spec:
replicas: 2
selector:
@@ -25,9 +25,9 @@ spec:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
spec:
serviceAccountName: cert-manager
enableServiceLinks: false
@@ -37,13 +37,13 @@ spec:
type: RuntimeDefault
containers:
- name: cert-manager-controller
image: "quay.io/jetstack/cert-manager-controller:v1.19.4"
image: "quay.io/jetstack/cert-manager-controller:v1.20.0"
imagePullPolicy: IfNotPresent
args:
- --v=2
- --cluster-resource-namespace=$(POD_NAMESPACE)
- --leader-election-namespace=kube-system
- --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.19.4
- --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.20.0
- --enable-gateway-api
- --max-concurrent-challenges=60
ports:

10
clusters/cl01tl/manifests/cert-manager/Job-cert-manager-startupapicheck.yaml
View File

@@ -8,9 +8,9 @@ metadata:
app.kubernetes.io/name: startupapicheck
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "startupapicheck"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
annotations:
helm.sh/hook: post-install
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
@@ -24,9 +24,9 @@ spec:
app.kubernetes.io/name: startupapicheck
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "startupapicheck"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
spec:
restartPolicy: OnFailure
serviceAccountName: cert-manager-startupapicheck
@@ -37,7 +37,7 @@ spec:
type: RuntimeDefault
containers:
- name: cert-manager-startupapicheck
image: "quay.io/jetstack/cert-manager-startupapicheck:v1.19.4"
image: "quay.io/jetstack/cert-manager-startupapicheck:v1.20.0"
imagePullPolicy: IfNotPresent
args:
- check

4
clusters/cl01tl/manifests/cert-manager/MutatingWebhookConfiguration-cert-manager-webhook.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: webhook
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "webhook"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
annotations:
cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-ca"
webhooks:

4
clusters/cl01tl/manifests/cert-manager/Role-cert-manager-cainjector:leaderelection.yaml
View File

@@ -8,9 +8,9 @@ metadata:
app.kubernetes.io/name: cainjector
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "cainjector"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
rules:
- apiGroups: ["coordination.k8s.io"]
resources: ["leases"]

4
clusters/cl01tl/manifests/cert-manager/Role-cert-manager-startupapicheck:create-cert.yaml
View File

@@ -8,9 +8,9 @@ metadata:
app.kubernetes.io/name: startupapicheck
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "startupapicheck"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
annotations:
helm.sh/hook: post-install
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded

4
clusters/cl01tl/manifests/cert-manager/Role-cert-manager-tokenrequest.yaml
View File

@@ -8,9 +8,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
rules:
- apiGroups: [""]
resources: ["serviceaccounts/token"]

4
clusters/cl01tl/manifests/cert-manager/Role-cert-manager-webhook:dynamic-serving.yaml
View File

@@ -8,9 +8,9 @@ metadata:
app.kubernetes.io/name: webhook
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "webhook"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
rules:
- apiGroups: [""]
resources: ["secrets"]

4
clusters/cl01tl/manifests/cert-manager/Role-cert-manager:leaderelection.yaml
View File

@@ -8,9 +8,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
rules:
- apiGroups: ["coordination.k8s.io"]
resources: ["leases"]

4
clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager-cainjector:leaderelection.yaml
View File

@@ -8,9 +8,9 @@ metadata:
app.kubernetes.io/name: cainjector
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "cainjector"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role

4
clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager-startupapicheck:create-cert.yaml
View File

@@ -8,9 +8,9 @@ metadata:
app.kubernetes.io/name: startupapicheck
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "startupapicheck"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
annotations:
helm.sh/hook: post-install
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded

4
clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager-tokenrequest.yaml
View File

@@ -8,9 +8,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role

4
clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager-webhook:dynamic-serving.yaml
View File

@@ -8,9 +8,9 @@ metadata:
app.kubernetes.io/name: webhook
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "webhook"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role

4
clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager:leaderelection.yaml
View File

@@ -8,9 +8,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role

4
clusters/cl01tl/manifests/cert-manager/Service-cert-manager-cainjector.yaml
View File

@@ -8,9 +8,9 @@ metadata:
app.kubernetes.io/name: cainjector
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "cainjector"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
spec:
type: ClusterIP
ports:

4
clusters/cl01tl/manifests/cert-manager/Service-cert-manager-webhook.yaml
View File

@@ -8,9 +8,9 @@ metadata:
app.kubernetes.io/name: webhook
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "webhook"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
spec:
type: ClusterIP
ports:

4
clusters/cl01tl/manifests/cert-manager/Service-cert-manager.yaml
View File

@@ -8,9 +8,9 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
spec:
type: ClusterIP
ports:

4
clusters/cl01tl/manifests/cert-manager/ServiceAccount-cert-manager-cainjector.yaml
View File

@@ -9,6 +9,6 @@ metadata:
app.kubernetes.io/name: cainjector
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "cainjector"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0

4
clusters/cl01tl/manifests/cert-manager/ServiceAccount-cert-manager-startupapicheck.yaml
View File

@@ -13,6 +13,6 @@ metadata:
app.kubernetes.io/name: startupapicheck
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "startupapicheck"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0

4
clusters/cl01tl/manifests/cert-manager/ServiceAccount-cert-manager-webhook.yaml
View File

@@ -9,6 +9,6 @@ metadata:
app.kubernetes.io/name: webhook
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "webhook"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0

4
clusters/cl01tl/manifests/cert-manager/ServiceAccount-cert-manager.yaml
View File

@@ -9,6 +9,6 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0

6
clusters/cl01tl/manifests/cert-manager/ServiceMonitor-cert-manager.yaml
View File

@@ -8,12 +8,12 @@ metadata:
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
prometheus: default
spec:
jobLabel: cert-manager
jobLabel: app.kubernetes.io/name
selector:
matchExpressions:
- key: app.kubernetes.io/name

4
clusters/cl01tl/manifests/cert-manager/ValidatingWebhookConfiguration-cert-manager-webhook.yaml
View File

@@ -7,9 +7,9 @@ metadata:
app.kubernetes.io/name: webhook
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "webhook"
app.kubernetes.io/version: "v1.19.4"
app.kubernetes.io/version: "v1.20.0"
app.kubernetes.io/managed-by: Helm
helm.sh/chart: cert-manager-v1.19.4
helm.sh/chart: cert-manager-v1.20.0
annotations:
cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-ca"
webhooks: