Automated Manifest Update #4583
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cainjector
|
app.kubernetes.io/name: cainjector
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "cainjector"
|
app.kubernetes.io/component: "cainjector"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
rules:
|
rules:
|
||||||
- apiGroups: ["cert-manager.io"]
|
- apiGroups: ["cert-manager.io"]
|
||||||
resources: ["certificates"]
|
resources: ["certificates"]
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
rbac.authorization.k8s.io/aggregate-to-cluster-reader: "true"
|
rbac.authorization.k8s.io/aggregate-to-cluster-reader: "true"
|
||||||
rules:
|
rules:
|
||||||
- apiGroups: ["cert-manager.io"]
|
- apiGroups: ["cert-manager.io"]
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "cert-manager"
|
app.kubernetes.io/component: "cert-manager"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
rules:
|
rules:
|
||||||
- apiGroups: ["cert-manager.io"]
|
- apiGroups: ["cert-manager.io"]
|
||||||
resources: ["signers"]
|
resources: ["signers"]
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
rules:
|
rules:
|
||||||
- apiGroups: ["cert-manager.io"]
|
- apiGroups: ["cert-manager.io"]
|
||||||
resources: ["certificates", "certificates/status", "certificaterequests", "certificaterequests/status"]
|
resources: ["certificates", "certificates/status", "certificaterequests", "certificaterequests/status"]
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "cert-manager"
|
app.kubernetes.io/component: "cert-manager"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
rules:
|
rules:
|
||||||
- apiGroups: ["certificates.k8s.io"]
|
- apiGroups: ["certificates.k8s.io"]
|
||||||
resources: ["certificatesigningrequests"]
|
resources: ["certificatesigningrequests"]
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
rules:
|
rules:
|
||||||
- apiGroups: ["acme.cert-manager.io"]
|
- apiGroups: ["acme.cert-manager.io"]
|
||||||
resources: ["challenges", "challenges/status"]
|
resources: ["challenges", "challenges/status"]
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
rules:
|
rules:
|
||||||
- apiGroups: ["cert-manager.io"]
|
- apiGroups: ["cert-manager.io"]
|
||||||
resources: ["clusterissuers", "clusterissuers/status"]
|
resources: ["clusterissuers", "clusterissuers/status"]
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
rules:
|
rules:
|
||||||
- apiGroups: ["cert-manager.io"]
|
- apiGroups: ["cert-manager.io"]
|
||||||
resources: ["certificates", "certificaterequests"]
|
resources: ["certificates", "certificaterequests"]
|
||||||
@@ -24,10 +24,10 @@ rules:
|
|||||||
resources: ["ingresses/finalizers"]
|
resources: ["ingresses/finalizers"]
|
||||||
verbs: ["update"]
|
verbs: ["update"]
|
||||||
- apiGroups: ["gateway.networking.k8s.io"]
|
- apiGroups: ["gateway.networking.k8s.io"]
|
||||||
resources: ["gateways", "httproutes"]
|
resources: ["gateways", "httproutes", "listenersets"]
|
||||||
verbs: ["get", "list", "watch"]
|
verbs: ["get", "list", "watch"]
|
||||||
- apiGroups: ["gateway.networking.k8s.io"]
|
- apiGroups: ["gateway.networking.k8s.io"]
|
||||||
resources: ["gateways/finalizers", "httproutes/finalizers"]
|
resources: ["gateways/finalizers", "httproutes/finalizers", "listenersets/finalizers"]
|
||||||
verbs: ["update"]
|
verbs: ["update"]
|
||||||
- apiGroups: [""]
|
- apiGroups: [""]
|
||||||
resources: ["events"]
|
resources: ["events"]
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
rules:
|
rules:
|
||||||
- apiGroups: ["cert-manager.io"]
|
- apiGroups: ["cert-manager.io"]
|
||||||
resources: ["issuers", "issuers/status"]
|
resources: ["issuers", "issuers/status"]
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
rules:
|
rules:
|
||||||
- apiGroups: ["acme.cert-manager.io"]
|
- apiGroups: ["acme.cert-manager.io"]
|
||||||
resources: ["orders", "orders/status"]
|
resources: ["orders", "orders/status"]
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
rbac.authorization.k8s.io/aggregate-to-edit: "true"
|
rbac.authorization.k8s.io/aggregate-to-edit: "true"
|
||||||
rbac.authorization.k8s.io/aggregate-to-admin: "true"
|
rbac.authorization.k8s.io/aggregate-to-admin: "true"
|
||||||
rules:
|
rules:
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
rbac.authorization.k8s.io/aggregate-to-view: "true"
|
rbac.authorization.k8s.io/aggregate-to-view: "true"
|
||||||
rbac.authorization.k8s.io/aggregate-to-edit: "true"
|
rbac.authorization.k8s.io/aggregate-to-edit: "true"
|
||||||
rbac.authorization.k8s.io/aggregate-to-admin: "true"
|
rbac.authorization.k8s.io/aggregate-to-admin: "true"
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: webhook
|
app.kubernetes.io/name: webhook
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "webhook"
|
app.kubernetes.io/component: "webhook"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
rules:
|
rules:
|
||||||
- apiGroups: ["authorization.k8s.io"]
|
- apiGroups: ["authorization.k8s.io"]
|
||||||
resources: ["subjectaccessreviews"]
|
resources: ["subjectaccessreviews"]
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cainjector
|
app.kubernetes.io/name: cainjector
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "cainjector"
|
app.kubernetes.io/component: "cainjector"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
roleRef:
|
roleRef:
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "cert-manager"
|
app.kubernetes.io/component: "cert-manager"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
roleRef:
|
roleRef:
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
roleRef:
|
roleRef:
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "cert-manager"
|
app.kubernetes.io/component: "cert-manager"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
roleRef:
|
roleRef:
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
roleRef:
|
roleRef:
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
roleRef:
|
roleRef:
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
roleRef:
|
roleRef:
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
roleRef:
|
roleRef:
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
roleRef:
|
roleRef:
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: webhook
|
app.kubernetes.io/name: webhook
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "webhook"
|
app.kubernetes.io/component: "webhook"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
roleRef:
|
roleRef:
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
|
|||||||
@@ -9,9 +9,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: "cert-manager"
|
app.kubernetes.io/name: "cert-manager"
|
||||||
app.kubernetes.io/instance: "cert-manager"
|
app.kubernetes.io/instance: "cert-manager"
|
||||||
app.kubernetes.io/component: "crds"
|
app.kubernetes.io/component: "crds"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
spec:
|
spec:
|
||||||
group: cert-manager.io
|
group: cert-manager.io
|
||||||
names:
|
names:
|
||||||
@@ -315,6 +315,10 @@ spec:
|
|||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
selectableFields:
|
||||||
|
- jsonPath: .spec.issuerRef.group
|
||||||
|
- jsonPath: .spec.issuerRef.kind
|
||||||
|
- jsonPath: .spec.issuerRef.name
|
||||||
served: true
|
served: true
|
||||||
storage: true
|
storage: true
|
||||||
subresources:
|
subresources:
|
||||||
|
|||||||
@@ -9,9 +9,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: "cert-manager"
|
app.kubernetes.io/name: "cert-manager"
|
||||||
app.kubernetes.io/instance: "cert-manager"
|
app.kubernetes.io/instance: "cert-manager"
|
||||||
app.kubernetes.io/component: "crds"
|
app.kubernetes.io/component: "crds"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
spec:
|
spec:
|
||||||
group: cert-manager.io
|
group: cert-manager.io
|
||||||
names:
|
names:
|
||||||
@@ -454,9 +454,6 @@ spec:
|
|||||||
will be generated whenever a re-issuance occurs.
|
will be generated whenever a re-issuance occurs.
|
||||||
Default is `Always`.
|
Default is `Always`.
|
||||||
The default was changed from `Never` to `Always` in cert-manager >=v1.18.0.
|
The default was changed from `Never` to `Always` in cert-manager >=v1.18.0.
|
||||||
The new default can be disabled by setting the
|
|
||||||
`--feature-gates=DefaultPrivateKeyRotationPolicyAlways=false` option on
|
|
||||||
the controller component.
|
|
||||||
enum:
|
enum:
|
||||||
- Never
|
- Never
|
||||||
- Always
|
- Always
|
||||||
@@ -812,6 +809,10 @@ spec:
|
|||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
selectableFields:
|
||||||
|
- jsonPath: .spec.issuerRef.group
|
||||||
|
- jsonPath: .spec.issuerRef.kind
|
||||||
|
- jsonPath: .spec.issuerRef.name
|
||||||
served: true
|
served: true
|
||||||
storage: true
|
storage: true
|
||||||
subresources:
|
subresources:
|
||||||
|
|||||||
@@ -9,9 +9,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: "cert-manager"
|
app.kubernetes.io/name: "cert-manager"
|
||||||
app.kubernetes.io/instance: "cert-manager"
|
app.kubernetes.io/instance: "cert-manager"
|
||||||
app.kubernetes.io/component: "crds"
|
app.kubernetes.io/component: "crds"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
spec:
|
spec:
|
||||||
group: acme.cert-manager.io
|
group: acme.cert-manager.io
|
||||||
names:
|
names:
|
||||||
@@ -286,6 +286,22 @@ spec:
|
|||||||
The TenantID of the Azure Service Principal used to authenticate with Azure DNS.
|
The TenantID of the Azure Service Principal used to authenticate with Azure DNS.
|
||||||
If set, ClientID and ClientSecret must also be set.
|
If set, ClientID and ClientSecret must also be set.
|
||||||
type: string
|
type: string
|
||||||
|
zoneType:
|
||||||
|
description: |-
|
||||||
|
ZoneType determines which type of Azure DNS zone to use.
|
||||||
|
|
||||||
|
Valid values are:
|
||||||
|
- AzurePublicZone (default): Use a public Azure DNS zone.
|
||||||
|
- AzurePrivateZone: Use an Azure Private DNS zone.
|
||||||
|
|
||||||
|
If not specified, AzurePublicZone is used.
|
||||||
|
|
||||||
|
Support for Azure Private DNS zones is currently
|
||||||
|
experimental and may change in future releases.
|
||||||
|
enum:
|
||||||
|
- AzurePublicZone
|
||||||
|
- AzurePrivateZone
|
||||||
|
type: string
|
||||||
required:
|
required:
|
||||||
- resourceGroupName
|
- resourceGroupName
|
||||||
- subscriptionID
|
- subscriptionID
|
||||||
@@ -409,7 +425,7 @@ spec:
|
|||||||
description: |-
|
description: |-
|
||||||
The IP address or hostname of an authoritative DNS server supporting
|
The IP address or hostname of an authoritative DNS server supporting
|
||||||
RFC2136 in the form host:port. If the host is an IPv6 address it must be
|
RFC2136 in the form host:port. If the host is an IPv6 address it must be
|
||||||
enclosed in square brackets (e.g [2001:db8::1]) ; port is optional.
|
enclosed in square brackets (e.g [2001:db8::1]); port is optional.
|
||||||
This field is required.
|
This field is required.
|
||||||
type: string
|
type: string
|
||||||
protocol:
|
protocol:
|
||||||
@@ -459,8 +475,8 @@ spec:
|
|||||||
description: |-
|
description: |-
|
||||||
The AccessKeyID is used for authentication.
|
The AccessKeyID is used for authentication.
|
||||||
Cannot be set when SecretAccessKeyID is set.
|
Cannot be set when SecretAccessKeyID is set.
|
||||||
If neither the Access Key nor Key ID are set, we fall-back to using env
|
If neither the Access Key nor Key ID are set, we fall back to using env
|
||||||
vars, shared credentials file or AWS Instance metadata,
|
vars, shared credentials file, or AWS Instance metadata,
|
||||||
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
||||||
type: string
|
type: string
|
||||||
accessKeyIDSecretRef:
|
accessKeyIDSecretRef:
|
||||||
@@ -468,8 +484,8 @@ spec:
|
|||||||
The SecretAccessKey is used for authentication. If set, pull the AWS
|
The SecretAccessKey is used for authentication. If set, pull the AWS
|
||||||
access key ID from a key within a Kubernetes Secret.
|
access key ID from a key within a Kubernetes Secret.
|
||||||
Cannot be set when AccessKeyID is set.
|
Cannot be set when AccessKeyID is set.
|
||||||
If neither the Access Key nor Key ID are set, we fall-back to using env
|
If neither the Access Key nor Key ID are set, we fall back to using env
|
||||||
vars, shared credentials file or AWS Instance metadata,
|
vars, shared credentials file, or AWS Instance metadata,
|
||||||
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
||||||
properties:
|
properties:
|
||||||
key:
|
key:
|
||||||
@@ -558,8 +574,8 @@ spec:
|
|||||||
secretAccessKeySecretRef:
|
secretAccessKeySecretRef:
|
||||||
description: |-
|
description: |-
|
||||||
The SecretAccessKey is used for authentication.
|
The SecretAccessKey is used for authentication.
|
||||||
If neither the Access Key nor Key ID are set, we fall-back to using env
|
If neither the Access Key nor Key ID are set, we fall back to using env
|
||||||
vars, shared credentials file or AWS Instance metadata,
|
vars, shared credentials file, or AWS Instance metadata,
|
||||||
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
||||||
properties:
|
properties:
|
||||||
key:
|
key:
|
||||||
@@ -1916,9 +1932,10 @@ spec:
|
|||||||
operator:
|
operator:
|
||||||
description: |-
|
description: |-
|
||||||
Operator represents a key's relationship to the value.
|
Operator represents a key's relationship to the value.
|
||||||
Valid operators are Exists and Equal. Defaults to Equal.
|
Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.
|
||||||
Exists is equivalent to wildcard for value, so that a pod can
|
Exists is equivalent to wildcard for value, so that a pod can
|
||||||
tolerate all taints of a particular category.
|
tolerate all taints of a particular category.
|
||||||
|
Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).
|
||||||
type: string
|
type: string
|
||||||
tolerationSeconds:
|
tolerationSeconds:
|
||||||
description: |-
|
description: |-
|
||||||
@@ -3127,9 +3144,10 @@ spec:
|
|||||||
operator:
|
operator:
|
||||||
description: |-
|
description: |-
|
||||||
Operator represents a key's relationship to the value.
|
Operator represents a key's relationship to the value.
|
||||||
Valid operators are Exists and Equal. Defaults to Equal.
|
Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.
|
||||||
Exists is equivalent to wildcard for value, so that a pod can
|
Exists is equivalent to wildcard for value, so that a pod can
|
||||||
tolerate all taints of a particular category.
|
tolerate all taints of a particular category.
|
||||||
|
Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).
|
||||||
type: string
|
type: string
|
||||||
tolerationSeconds:
|
tolerationSeconds:
|
||||||
description: |-
|
description: |-
|
||||||
@@ -3277,6 +3295,10 @@ spec:
|
|||||||
- metadata
|
- metadata
|
||||||
- spec
|
- spec
|
||||||
type: object
|
type: object
|
||||||
|
selectableFields:
|
||||||
|
- jsonPath: .spec.issuerRef.group
|
||||||
|
- jsonPath: .spec.issuerRef.kind
|
||||||
|
- jsonPath: .spec.issuerRef.name
|
||||||
served: true
|
served: true
|
||||||
storage: true
|
storage: true
|
||||||
subresources:
|
subresources:
|
||||||
|
|||||||
@@ -9,9 +9,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: "cert-manager"
|
app.kubernetes.io/name: "cert-manager"
|
||||||
app.kubernetes.io/instance: "cert-manager"
|
app.kubernetes.io/instance: "cert-manager"
|
||||||
app.kubernetes.io/component: "crds"
|
app.kubernetes.io/component: "crds"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
spec:
|
spec:
|
||||||
group: cert-manager.io
|
group: cert-manager.io
|
||||||
names:
|
names:
|
||||||
@@ -399,6 +399,22 @@ spec:
|
|||||||
The TenantID of the Azure Service Principal used to authenticate with Azure DNS.
|
The TenantID of the Azure Service Principal used to authenticate with Azure DNS.
|
||||||
If set, ClientID and ClientSecret must also be set.
|
If set, ClientID and ClientSecret must also be set.
|
||||||
type: string
|
type: string
|
||||||
|
zoneType:
|
||||||
|
description: |-
|
||||||
|
ZoneType determines which type of Azure DNS zone to use.
|
||||||
|
|
||||||
|
Valid values are:
|
||||||
|
- AzurePublicZone (default): Use a public Azure DNS zone.
|
||||||
|
- AzurePrivateZone: Use an Azure Private DNS zone.
|
||||||
|
|
||||||
|
If not specified, AzurePublicZone is used.
|
||||||
|
|
||||||
|
Support for Azure Private DNS zones is currently
|
||||||
|
experimental and may change in future releases.
|
||||||
|
enum:
|
||||||
|
- AzurePublicZone
|
||||||
|
- AzurePrivateZone
|
||||||
|
type: string
|
||||||
required:
|
required:
|
||||||
- resourceGroupName
|
- resourceGroupName
|
||||||
- subscriptionID
|
- subscriptionID
|
||||||
@@ -522,7 +538,7 @@ spec:
|
|||||||
description: |-
|
description: |-
|
||||||
The IP address or hostname of an authoritative DNS server supporting
|
The IP address or hostname of an authoritative DNS server supporting
|
||||||
RFC2136 in the form host:port. If the host is an IPv6 address it must be
|
RFC2136 in the form host:port. If the host is an IPv6 address it must be
|
||||||
enclosed in square brackets (e.g [2001:db8::1]) ; port is optional.
|
enclosed in square brackets (e.g [2001:db8::1]); port is optional.
|
||||||
This field is required.
|
This field is required.
|
||||||
type: string
|
type: string
|
||||||
protocol:
|
protocol:
|
||||||
@@ -572,8 +588,8 @@ spec:
|
|||||||
description: |-
|
description: |-
|
||||||
The AccessKeyID is used for authentication.
|
The AccessKeyID is used for authentication.
|
||||||
Cannot be set when SecretAccessKeyID is set.
|
Cannot be set when SecretAccessKeyID is set.
|
||||||
If neither the Access Key nor Key ID are set, we fall-back to using env
|
If neither the Access Key nor Key ID are set, we fall back to using env
|
||||||
vars, shared credentials file or AWS Instance metadata,
|
vars, shared credentials file, or AWS Instance metadata,
|
||||||
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
||||||
type: string
|
type: string
|
||||||
accessKeyIDSecretRef:
|
accessKeyIDSecretRef:
|
||||||
@@ -581,8 +597,8 @@ spec:
|
|||||||
The SecretAccessKey is used for authentication. If set, pull the AWS
|
The SecretAccessKey is used for authentication. If set, pull the AWS
|
||||||
access key ID from a key within a Kubernetes Secret.
|
access key ID from a key within a Kubernetes Secret.
|
||||||
Cannot be set when AccessKeyID is set.
|
Cannot be set when AccessKeyID is set.
|
||||||
If neither the Access Key nor Key ID are set, we fall-back to using env
|
If neither the Access Key nor Key ID are set, we fall back to using env
|
||||||
vars, shared credentials file or AWS Instance metadata,
|
vars, shared credentials file, or AWS Instance metadata,
|
||||||
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
||||||
properties:
|
properties:
|
||||||
key:
|
key:
|
||||||
@@ -671,8 +687,8 @@ spec:
|
|||||||
secretAccessKeySecretRef:
|
secretAccessKeySecretRef:
|
||||||
description: |-
|
description: |-
|
||||||
The SecretAccessKey is used for authentication.
|
The SecretAccessKey is used for authentication.
|
||||||
If neither the Access Key nor Key ID are set, we fall-back to using env
|
If neither the Access Key nor Key ID are set, we fall back to using env
|
||||||
vars, shared credentials file or AWS Instance metadata,
|
vars, shared credentials file, or AWS Instance metadata,
|
||||||
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
||||||
properties:
|
properties:
|
||||||
key:
|
key:
|
||||||
@@ -2029,9 +2045,10 @@ spec:
|
|||||||
operator:
|
operator:
|
||||||
description: |-
|
description: |-
|
||||||
Operator represents a key's relationship to the value.
|
Operator represents a key's relationship to the value.
|
||||||
Valid operators are Exists and Equal. Defaults to Equal.
|
Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.
|
||||||
Exists is equivalent to wildcard for value, so that a pod can
|
Exists is equivalent to wildcard for value, so that a pod can
|
||||||
tolerate all taints of a particular category.
|
tolerate all taints of a particular category.
|
||||||
|
Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).
|
||||||
type: string
|
type: string
|
||||||
tolerationSeconds:
|
tolerationSeconds:
|
||||||
description: |-
|
description: |-
|
||||||
@@ -3240,9 +3257,10 @@ spec:
|
|||||||
operator:
|
operator:
|
||||||
description: |-
|
description: |-
|
||||||
Operator represents a key's relationship to the value.
|
Operator represents a key's relationship to the value.
|
||||||
Valid operators are Exists and Equal. Defaults to Equal.
|
Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.
|
||||||
Exists is equivalent to wildcard for value, so that a pod can
|
Exists is equivalent to wildcard for value, so that a pod can
|
||||||
tolerate all taints of a particular category.
|
tolerate all taints of a particular category.
|
||||||
|
Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).
|
||||||
type: string
|
type: string
|
||||||
tolerationSeconds:
|
tolerationSeconds:
|
||||||
description: |-
|
description: |-
|
||||||
@@ -3499,8 +3517,8 @@ spec:
|
|||||||
properties:
|
properties:
|
||||||
audiences:
|
audiences:
|
||||||
description: |-
|
description: |-
|
||||||
TokenAudiences is an optional list of extra audiences to include in the token passed to Vault. The default token
|
TokenAudiences is an optional list of extra audiences to include in the token passed to Vault.
|
||||||
consisting of the issuer's namespace and name is always included.
|
The default audiences are always included in the token.
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
@@ -3628,16 +3646,16 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
venafi:
|
venafi:
|
||||||
description: |-
|
description: |-
|
||||||
Venafi configures this issuer to sign certificates using a Venafi TPP
|
Venafi configures this issuer to sign certificates using a CyberArk Certificate Manager Self-Hosted
|
||||||
or Venafi Cloud policy zone.
|
or SaaS policy zone.
|
||||||
properties:
|
properties:
|
||||||
cloud:
|
cloud:
|
||||||
description: |-
|
description: |-
|
||||||
Cloud specifies the Venafi cloud configuration settings.
|
Cloud specifies the CyberArk Certificate Manager SaaS configuration settings.
|
||||||
Only one of TPP or Cloud may be specified.
|
Only one of CyberArk Certificate Manager may be specified.
|
||||||
properties:
|
properties:
|
||||||
apiTokenSecretRef:
|
apiTokenSecretRef:
|
||||||
description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token.
|
description: APITokenSecretRef is a secret key selector for the CyberArk Certificate Manager SaaS API token.
|
||||||
properties:
|
properties:
|
||||||
key:
|
key:
|
||||||
description: |-
|
description: |-
|
||||||
@@ -3655,7 +3673,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
url:
|
url:
|
||||||
description: |-
|
description: |-
|
||||||
URL is the base URL for Venafi Cloud.
|
URL is the base URL for CyberArk Certificate Manager SaaS.
|
||||||
Defaults to "https://api.venafi.cloud/".
|
Defaults to "https://api.venafi.cloud/".
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
@@ -3663,13 +3681,13 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
tpp:
|
tpp:
|
||||||
description: |-
|
description: |-
|
||||||
TPP specifies Trust Protection Platform configuration settings.
|
TPP specifies CyberArk Certificate Manager Self-Hosted configuration settings.
|
||||||
Only one of TPP or Cloud may be specified.
|
Only one of CyberArk Certificate Manager may be specified.
|
||||||
properties:
|
properties:
|
||||||
caBundle:
|
caBundle:
|
||||||
description: |-
|
description: |-
|
||||||
Base64-encoded bundle of PEM CAs which will be used to validate the certificate
|
Base64-encoded bundle of PEM CAs which will be used to validate the certificate
|
||||||
chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP.
|
chain presented by the CyberArk Certificate Manager Self-Hosted server. Only used if using HTTPS; ignored for HTTP.
|
||||||
If undefined, the certificate bundle in the cert-manager controller container
|
If undefined, the certificate bundle in the cert-manager controller container
|
||||||
is used to validate the chain.
|
is used to validate the chain.
|
||||||
format: byte
|
format: byte
|
||||||
@@ -3677,7 +3695,7 @@ spec:
|
|||||||
caBundleSecretRef:
|
caBundleSecretRef:
|
||||||
description: |-
|
description: |-
|
||||||
Reference to a Secret containing a base64-encoded bundle of PEM CAs
|
Reference to a Secret containing a base64-encoded bundle of PEM CAs
|
||||||
which will be used to validate the certificate chain presented by the TPP server.
|
which will be used to validate the certificate chain presented by the CyberArk Certificate Manager Self-Hosted server.
|
||||||
Only used if using HTTPS; ignored for HTTP. Mutually exclusive with CABundle.
|
Only used if using HTTPS; ignored for HTTP. Mutually exclusive with CABundle.
|
||||||
If neither CABundle nor CABundleSecretRef is defined, the certificate bundle in
|
If neither CABundle nor CABundleSecretRef is defined, the certificate bundle in
|
||||||
the cert-manager controller container is used to validate the TLS connection.
|
the cert-manager controller container is used to validate the TLS connection.
|
||||||
@@ -3698,7 +3716,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
credentialsRef:
|
credentialsRef:
|
||||||
description: |-
|
description: |-
|
||||||
CredentialsRef is a reference to a Secret containing the Venafi TPP API credentials.
|
CredentialsRef is a reference to a Secret containing the CyberArk Certificate Manager Self-Hosted API credentials.
|
||||||
The secret must contain the key 'access-token' for the Access Token Authentication,
|
The secret must contain the key 'access-token' for the Access Token Authentication,
|
||||||
or two keys, 'username' and 'password' for the API Keys Authentication.
|
or two keys, 'username' and 'password' for the API Keys Authentication.
|
||||||
properties:
|
properties:
|
||||||
@@ -3712,7 +3730,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
url:
|
url:
|
||||||
description: |-
|
description: |-
|
||||||
URL is the base URL for the vedsdk endpoint of the Venafi TPP instance,
|
URL is the base URL for the vedsdk endpoint of the CyberArk Certificate Manager Self-Hosted instance,
|
||||||
for example: "https://tpp.example.com/vedsdk".
|
for example: "https://tpp.example.com/vedsdk".
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
@@ -3721,8 +3739,8 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
zone:
|
zone:
|
||||||
description: |-
|
description: |-
|
||||||
Zone is the Venafi Policy Zone to use for this issuer.
|
Zone is the Certificate Manager Policy Zone to use for this issuer.
|
||||||
All requests made to the Venafi platform will be restricted by the named
|
All requests made to the Certificate Manager platform will be restricted by the named
|
||||||
zone policy.
|
zone policy.
|
||||||
This field is required.
|
This field is required.
|
||||||
type: string
|
type: string
|
||||||
|
|||||||
@@ -9,9 +9,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: "cert-manager"
|
app.kubernetes.io/name: "cert-manager"
|
||||||
app.kubernetes.io/instance: "cert-manager"
|
app.kubernetes.io/instance: "cert-manager"
|
||||||
app.kubernetes.io/component: "crds"
|
app.kubernetes.io/component: "crds"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
spec:
|
spec:
|
||||||
group: cert-manager.io
|
group: cert-manager.io
|
||||||
names:
|
names:
|
||||||
@@ -398,6 +398,22 @@ spec:
|
|||||||
The TenantID of the Azure Service Principal used to authenticate with Azure DNS.
|
The TenantID of the Azure Service Principal used to authenticate with Azure DNS.
|
||||||
If set, ClientID and ClientSecret must also be set.
|
If set, ClientID and ClientSecret must also be set.
|
||||||
type: string
|
type: string
|
||||||
|
zoneType:
|
||||||
|
description: |-
|
||||||
|
ZoneType determines which type of Azure DNS zone to use.
|
||||||
|
|
||||||
|
Valid values are:
|
||||||
|
- AzurePublicZone (default): Use a public Azure DNS zone.
|
||||||
|
- AzurePrivateZone: Use an Azure Private DNS zone.
|
||||||
|
|
||||||
|
If not specified, AzurePublicZone is used.
|
||||||
|
|
||||||
|
Support for Azure Private DNS zones is currently
|
||||||
|
experimental and may change in future releases.
|
||||||
|
enum:
|
||||||
|
- AzurePublicZone
|
||||||
|
- AzurePrivateZone
|
||||||
|
type: string
|
||||||
required:
|
required:
|
||||||
- resourceGroupName
|
- resourceGroupName
|
||||||
- subscriptionID
|
- subscriptionID
|
||||||
@@ -521,7 +537,7 @@ spec:
|
|||||||
description: |-
|
description: |-
|
||||||
The IP address or hostname of an authoritative DNS server supporting
|
The IP address or hostname of an authoritative DNS server supporting
|
||||||
RFC2136 in the form host:port. If the host is an IPv6 address it must be
|
RFC2136 in the form host:port. If the host is an IPv6 address it must be
|
||||||
enclosed in square brackets (e.g [2001:db8::1]) ; port is optional.
|
enclosed in square brackets (e.g [2001:db8::1]); port is optional.
|
||||||
This field is required.
|
This field is required.
|
||||||
type: string
|
type: string
|
||||||
protocol:
|
protocol:
|
||||||
@@ -571,8 +587,8 @@ spec:
|
|||||||
description: |-
|
description: |-
|
||||||
The AccessKeyID is used for authentication.
|
The AccessKeyID is used for authentication.
|
||||||
Cannot be set when SecretAccessKeyID is set.
|
Cannot be set when SecretAccessKeyID is set.
|
||||||
If neither the Access Key nor Key ID are set, we fall-back to using env
|
If neither the Access Key nor Key ID are set, we fall back to using env
|
||||||
vars, shared credentials file or AWS Instance metadata,
|
vars, shared credentials file, or AWS Instance metadata,
|
||||||
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
||||||
type: string
|
type: string
|
||||||
accessKeyIDSecretRef:
|
accessKeyIDSecretRef:
|
||||||
@@ -580,8 +596,8 @@ spec:
|
|||||||
The SecretAccessKey is used for authentication. If set, pull the AWS
|
The SecretAccessKey is used for authentication. If set, pull the AWS
|
||||||
access key ID from a key within a Kubernetes Secret.
|
access key ID from a key within a Kubernetes Secret.
|
||||||
Cannot be set when AccessKeyID is set.
|
Cannot be set when AccessKeyID is set.
|
||||||
If neither the Access Key nor Key ID are set, we fall-back to using env
|
If neither the Access Key nor Key ID are set, we fall back to using env
|
||||||
vars, shared credentials file or AWS Instance metadata,
|
vars, shared credentials file, or AWS Instance metadata,
|
||||||
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
||||||
properties:
|
properties:
|
||||||
key:
|
key:
|
||||||
@@ -670,8 +686,8 @@ spec:
|
|||||||
secretAccessKeySecretRef:
|
secretAccessKeySecretRef:
|
||||||
description: |-
|
description: |-
|
||||||
The SecretAccessKey is used for authentication.
|
The SecretAccessKey is used for authentication.
|
||||||
If neither the Access Key nor Key ID are set, we fall-back to using env
|
If neither the Access Key nor Key ID are set, we fall back to using env
|
||||||
vars, shared credentials file or AWS Instance metadata,
|
vars, shared credentials file, or AWS Instance metadata,
|
||||||
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
||||||
properties:
|
properties:
|
||||||
key:
|
key:
|
||||||
@@ -2028,9 +2044,10 @@ spec:
|
|||||||
operator:
|
operator:
|
||||||
description: |-
|
description: |-
|
||||||
Operator represents a key's relationship to the value.
|
Operator represents a key's relationship to the value.
|
||||||
Valid operators are Exists and Equal. Defaults to Equal.
|
Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.
|
||||||
Exists is equivalent to wildcard for value, so that a pod can
|
Exists is equivalent to wildcard for value, so that a pod can
|
||||||
tolerate all taints of a particular category.
|
tolerate all taints of a particular category.
|
||||||
|
Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).
|
||||||
type: string
|
type: string
|
||||||
tolerationSeconds:
|
tolerationSeconds:
|
||||||
description: |-
|
description: |-
|
||||||
@@ -3239,9 +3256,10 @@ spec:
|
|||||||
operator:
|
operator:
|
||||||
description: |-
|
description: |-
|
||||||
Operator represents a key's relationship to the value.
|
Operator represents a key's relationship to the value.
|
||||||
Valid operators are Exists and Equal. Defaults to Equal.
|
Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.
|
||||||
Exists is equivalent to wildcard for value, so that a pod can
|
Exists is equivalent to wildcard for value, so that a pod can
|
||||||
tolerate all taints of a particular category.
|
tolerate all taints of a particular category.
|
||||||
|
Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).
|
||||||
type: string
|
type: string
|
||||||
tolerationSeconds:
|
tolerationSeconds:
|
||||||
description: |-
|
description: |-
|
||||||
@@ -3498,8 +3516,8 @@ spec:
|
|||||||
properties:
|
properties:
|
||||||
audiences:
|
audiences:
|
||||||
description: |-
|
description: |-
|
||||||
TokenAudiences is an optional list of extra audiences to include in the token passed to Vault. The default token
|
TokenAudiences is an optional list of extra audiences to include in the token passed to Vault.
|
||||||
consisting of the issuer's namespace and name is always included.
|
The default audiences are always included in the token.
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
@@ -3627,16 +3645,16 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
venafi:
|
venafi:
|
||||||
description: |-
|
description: |-
|
||||||
Venafi configures this issuer to sign certificates using a Venafi TPP
|
Venafi configures this issuer to sign certificates using a CyberArk Certificate Manager Self-Hosted
|
||||||
or Venafi Cloud policy zone.
|
or SaaS policy zone.
|
||||||
properties:
|
properties:
|
||||||
cloud:
|
cloud:
|
||||||
description: |-
|
description: |-
|
||||||
Cloud specifies the Venafi cloud configuration settings.
|
Cloud specifies the CyberArk Certificate Manager SaaS configuration settings.
|
||||||
Only one of TPP or Cloud may be specified.
|
Only one of CyberArk Certificate Manager may be specified.
|
||||||
properties:
|
properties:
|
||||||
apiTokenSecretRef:
|
apiTokenSecretRef:
|
||||||
description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token.
|
description: APITokenSecretRef is a secret key selector for the CyberArk Certificate Manager SaaS API token.
|
||||||
properties:
|
properties:
|
||||||
key:
|
key:
|
||||||
description: |-
|
description: |-
|
||||||
@@ -3654,7 +3672,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
url:
|
url:
|
||||||
description: |-
|
description: |-
|
||||||
URL is the base URL for Venafi Cloud.
|
URL is the base URL for CyberArk Certificate Manager SaaS.
|
||||||
Defaults to "https://api.venafi.cloud/".
|
Defaults to "https://api.venafi.cloud/".
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
@@ -3662,13 +3680,13 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
tpp:
|
tpp:
|
||||||
description: |-
|
description: |-
|
||||||
TPP specifies Trust Protection Platform configuration settings.
|
TPP specifies CyberArk Certificate Manager Self-Hosted configuration settings.
|
||||||
Only one of TPP or Cloud may be specified.
|
Only one of CyberArk Certificate Manager may be specified.
|
||||||
properties:
|
properties:
|
||||||
caBundle:
|
caBundle:
|
||||||
description: |-
|
description: |-
|
||||||
Base64-encoded bundle of PEM CAs which will be used to validate the certificate
|
Base64-encoded bundle of PEM CAs which will be used to validate the certificate
|
||||||
chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP.
|
chain presented by the CyberArk Certificate Manager Self-Hosted server. Only used if using HTTPS; ignored for HTTP.
|
||||||
If undefined, the certificate bundle in the cert-manager controller container
|
If undefined, the certificate bundle in the cert-manager controller container
|
||||||
is used to validate the chain.
|
is used to validate the chain.
|
||||||
format: byte
|
format: byte
|
||||||
@@ -3676,7 +3694,7 @@ spec:
|
|||||||
caBundleSecretRef:
|
caBundleSecretRef:
|
||||||
description: |-
|
description: |-
|
||||||
Reference to a Secret containing a base64-encoded bundle of PEM CAs
|
Reference to a Secret containing a base64-encoded bundle of PEM CAs
|
||||||
which will be used to validate the certificate chain presented by the TPP server.
|
which will be used to validate the certificate chain presented by the CyberArk Certificate Manager Self-Hosted server.
|
||||||
Only used if using HTTPS; ignored for HTTP. Mutually exclusive with CABundle.
|
Only used if using HTTPS; ignored for HTTP. Mutually exclusive with CABundle.
|
||||||
If neither CABundle nor CABundleSecretRef is defined, the certificate bundle in
|
If neither CABundle nor CABundleSecretRef is defined, the certificate bundle in
|
||||||
the cert-manager controller container is used to validate the TLS connection.
|
the cert-manager controller container is used to validate the TLS connection.
|
||||||
@@ -3697,7 +3715,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
credentialsRef:
|
credentialsRef:
|
||||||
description: |-
|
description: |-
|
||||||
CredentialsRef is a reference to a Secret containing the Venafi TPP API credentials.
|
CredentialsRef is a reference to a Secret containing the CyberArk Certificate Manager Self-Hosted API credentials.
|
||||||
The secret must contain the key 'access-token' for the Access Token Authentication,
|
The secret must contain the key 'access-token' for the Access Token Authentication,
|
||||||
or two keys, 'username' and 'password' for the API Keys Authentication.
|
or two keys, 'username' and 'password' for the API Keys Authentication.
|
||||||
properties:
|
properties:
|
||||||
@@ -3711,7 +3729,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
url:
|
url:
|
||||||
description: |-
|
description: |-
|
||||||
URL is the base URL for the vedsdk endpoint of the Venafi TPP instance,
|
URL is the base URL for the vedsdk endpoint of the CyberArk Certificate Manager Self-Hosted instance,
|
||||||
for example: "https://tpp.example.com/vedsdk".
|
for example: "https://tpp.example.com/vedsdk".
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
@@ -3720,8 +3738,8 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
zone:
|
zone:
|
||||||
description: |-
|
description: |-
|
||||||
Zone is the Venafi Policy Zone to use for this issuer.
|
Zone is the Certificate Manager Policy Zone to use for this issuer.
|
||||||
All requests made to the Venafi platform will be restricted by the named
|
All requests made to the Certificate Manager platform will be restricted by the named
|
||||||
zone policy.
|
zone policy.
|
||||||
This field is required.
|
This field is required.
|
||||||
type: string
|
type: string
|
||||||
|
|||||||
@@ -9,9 +9,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: "cert-manager"
|
app.kubernetes.io/name: "cert-manager"
|
||||||
app.kubernetes.io/instance: "cert-manager"
|
app.kubernetes.io/instance: "cert-manager"
|
||||||
app.kubernetes.io/component: "crds"
|
app.kubernetes.io/component: "crds"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
spec:
|
spec:
|
||||||
group: acme.cert-manager.io
|
group: acme.cert-manager.io
|
||||||
names:
|
names:
|
||||||
@@ -270,6 +270,10 @@ spec:
|
|||||||
- metadata
|
- metadata
|
||||||
- spec
|
- spec
|
||||||
type: object
|
type: object
|
||||||
|
selectableFields:
|
||||||
|
- jsonPath: .spec.issuerRef.group
|
||||||
|
- jsonPath: .spec.issuerRef.kind
|
||||||
|
- jsonPath: .spec.issuerRef.name
|
||||||
served: true
|
served: true
|
||||||
storage: true
|
storage: true
|
||||||
subresources:
|
subresources:
|
||||||
|
|||||||
@@ -8,9 +8,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cainjector
|
app.kubernetes.io/name: cainjector
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "cainjector"
|
app.kubernetes.io/component: "cainjector"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
spec:
|
spec:
|
||||||
replicas: 2
|
replicas: 2
|
||||||
selector:
|
selector:
|
||||||
@@ -25,9 +25,9 @@ spec:
|
|||||||
app.kubernetes.io/name: cainjector
|
app.kubernetes.io/name: cainjector
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "cainjector"
|
app.kubernetes.io/component: "cainjector"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
spec:
|
spec:
|
||||||
serviceAccountName: cert-manager-cainjector
|
serviceAccountName: cert-manager-cainjector
|
||||||
enableServiceLinks: false
|
enableServiceLinks: false
|
||||||
@@ -37,7 +37,7 @@ spec:
|
|||||||
type: RuntimeDefault
|
type: RuntimeDefault
|
||||||
containers:
|
containers:
|
||||||
- name: cert-manager-cainjector
|
- name: cert-manager-cainjector
|
||||||
image: "quay.io/jetstack/cert-manager-cainjector:v1.19.4"
|
image: "quay.io/jetstack/cert-manager-cainjector:v1.20.0"
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
args:
|
args:
|
||||||
- --v=2
|
- --v=2
|
||||||
|
|||||||
@@ -8,9 +8,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: webhook
|
app.kubernetes.io/name: webhook
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "webhook"
|
app.kubernetes.io/component: "webhook"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
spec:
|
spec:
|
||||||
replicas: 1
|
replicas: 1
|
||||||
selector:
|
selector:
|
||||||
@@ -25,9 +25,9 @@ spec:
|
|||||||
app.kubernetes.io/name: webhook
|
app.kubernetes.io/name: webhook
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "webhook"
|
app.kubernetes.io/component: "webhook"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
spec:
|
spec:
|
||||||
serviceAccountName: cert-manager-webhook
|
serviceAccountName: cert-manager-webhook
|
||||||
enableServiceLinks: false
|
enableServiceLinks: false
|
||||||
@@ -37,7 +37,7 @@ spec:
|
|||||||
type: RuntimeDefault
|
type: RuntimeDefault
|
||||||
containers:
|
containers:
|
||||||
- name: cert-manager-webhook
|
- name: cert-manager-webhook
|
||||||
image: "quay.io/jetstack/cert-manager-webhook:v1.19.4"
|
image: "quay.io/jetstack/cert-manager-webhook:v1.20.0"
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
args:
|
args:
|
||||||
- --v=2
|
- --v=2
|
||||||
|
|||||||
@@ -8,9 +8,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
spec:
|
spec:
|
||||||
replicas: 2
|
replicas: 2
|
||||||
selector:
|
selector:
|
||||||
@@ -25,9 +25,9 @@ spec:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
spec:
|
spec:
|
||||||
serviceAccountName: cert-manager
|
serviceAccountName: cert-manager
|
||||||
enableServiceLinks: false
|
enableServiceLinks: false
|
||||||
@@ -37,13 +37,13 @@ spec:
|
|||||||
type: RuntimeDefault
|
type: RuntimeDefault
|
||||||
containers:
|
containers:
|
||||||
- name: cert-manager-controller
|
- name: cert-manager-controller
|
||||||
image: "quay.io/jetstack/cert-manager-controller:v1.19.4"
|
image: "quay.io/jetstack/cert-manager-controller:v1.20.0"
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
args:
|
args:
|
||||||
- --v=2
|
- --v=2
|
||||||
- --cluster-resource-namespace=$(POD_NAMESPACE)
|
- --cluster-resource-namespace=$(POD_NAMESPACE)
|
||||||
- --leader-election-namespace=kube-system
|
- --leader-election-namespace=kube-system
|
||||||
- --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.19.4
|
- --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.20.0
|
||||||
- --enable-gateway-api
|
- --enable-gateway-api
|
||||||
- --max-concurrent-challenges=60
|
- --max-concurrent-challenges=60
|
||||||
ports:
|
ports:
|
||||||
|
|||||||
@@ -8,9 +8,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: startupapicheck
|
app.kubernetes.io/name: startupapicheck
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "startupapicheck"
|
app.kubernetes.io/component: "startupapicheck"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
annotations:
|
annotations:
|
||||||
helm.sh/hook: post-install
|
helm.sh/hook: post-install
|
||||||
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
|
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
|
||||||
@@ -24,9 +24,9 @@ spec:
|
|||||||
app.kubernetes.io/name: startupapicheck
|
app.kubernetes.io/name: startupapicheck
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "startupapicheck"
|
app.kubernetes.io/component: "startupapicheck"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
spec:
|
spec:
|
||||||
restartPolicy: OnFailure
|
restartPolicy: OnFailure
|
||||||
serviceAccountName: cert-manager-startupapicheck
|
serviceAccountName: cert-manager-startupapicheck
|
||||||
@@ -37,7 +37,7 @@ spec:
|
|||||||
type: RuntimeDefault
|
type: RuntimeDefault
|
||||||
containers:
|
containers:
|
||||||
- name: cert-manager-startupapicheck
|
- name: cert-manager-startupapicheck
|
||||||
image: "quay.io/jetstack/cert-manager-startupapicheck:v1.19.4"
|
image: "quay.io/jetstack/cert-manager-startupapicheck:v1.20.0"
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
args:
|
args:
|
||||||
- check
|
- check
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: webhook
|
app.kubernetes.io/name: webhook
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "webhook"
|
app.kubernetes.io/component: "webhook"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
annotations:
|
annotations:
|
||||||
cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-ca"
|
cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-ca"
|
||||||
webhooks:
|
webhooks:
|
||||||
|
|||||||
@@ -8,9 +8,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cainjector
|
app.kubernetes.io/name: cainjector
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "cainjector"
|
app.kubernetes.io/component: "cainjector"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
rules:
|
rules:
|
||||||
- apiGroups: ["coordination.k8s.io"]
|
- apiGroups: ["coordination.k8s.io"]
|
||||||
resources: ["leases"]
|
resources: ["leases"]
|
||||||
|
|||||||
@@ -8,9 +8,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: startupapicheck
|
app.kubernetes.io/name: startupapicheck
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "startupapicheck"
|
app.kubernetes.io/component: "startupapicheck"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
annotations:
|
annotations:
|
||||||
helm.sh/hook: post-install
|
helm.sh/hook: post-install
|
||||||
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
|
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
|
||||||
|
|||||||
@@ -8,9 +8,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
rules:
|
rules:
|
||||||
- apiGroups: [""]
|
- apiGroups: [""]
|
||||||
resources: ["serviceaccounts/token"]
|
resources: ["serviceaccounts/token"]
|
||||||
|
|||||||
@@ -8,9 +8,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: webhook
|
app.kubernetes.io/name: webhook
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "webhook"
|
app.kubernetes.io/component: "webhook"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
rules:
|
rules:
|
||||||
- apiGroups: [""]
|
- apiGroups: [""]
|
||||||
resources: ["secrets"]
|
resources: ["secrets"]
|
||||||
|
|||||||
@@ -8,9 +8,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
rules:
|
rules:
|
||||||
- apiGroups: ["coordination.k8s.io"]
|
- apiGroups: ["coordination.k8s.io"]
|
||||||
resources: ["leases"]
|
resources: ["leases"]
|
||||||
|
|||||||
@@ -8,9 +8,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cainjector
|
app.kubernetes.io/name: cainjector
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "cainjector"
|
app.kubernetes.io/component: "cainjector"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
roleRef:
|
roleRef:
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
kind: Role
|
kind: Role
|
||||||
|
|||||||
@@ -8,9 +8,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: startupapicheck
|
app.kubernetes.io/name: startupapicheck
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "startupapicheck"
|
app.kubernetes.io/component: "startupapicheck"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
annotations:
|
annotations:
|
||||||
helm.sh/hook: post-install
|
helm.sh/hook: post-install
|
||||||
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
|
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
|
||||||
|
|||||||
@@ -8,9 +8,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
roleRef:
|
roleRef:
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
kind: Role
|
kind: Role
|
||||||
|
|||||||
@@ -8,9 +8,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: webhook
|
app.kubernetes.io/name: webhook
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "webhook"
|
app.kubernetes.io/component: "webhook"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
roleRef:
|
roleRef:
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
kind: Role
|
kind: Role
|
||||||
|
|||||||
@@ -8,9 +8,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
roleRef:
|
roleRef:
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
kind: Role
|
kind: Role
|
||||||
|
|||||||
@@ -8,9 +8,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cainjector
|
app.kubernetes.io/name: cainjector
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "cainjector"
|
app.kubernetes.io/component: "cainjector"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
spec:
|
spec:
|
||||||
type: ClusterIP
|
type: ClusterIP
|
||||||
ports:
|
ports:
|
||||||
|
|||||||
@@ -8,9 +8,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: webhook
|
app.kubernetes.io/name: webhook
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "webhook"
|
app.kubernetes.io/component: "webhook"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
spec:
|
spec:
|
||||||
type: ClusterIP
|
type: ClusterIP
|
||||||
ports:
|
ports:
|
||||||
|
|||||||
@@ -8,9 +8,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
spec:
|
spec:
|
||||||
type: ClusterIP
|
type: ClusterIP
|
||||||
ports:
|
ports:
|
||||||
|
|||||||
@@ -9,6 +9,6 @@ metadata:
|
|||||||
app.kubernetes.io/name: cainjector
|
app.kubernetes.io/name: cainjector
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "cainjector"
|
app.kubernetes.io/component: "cainjector"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
|
|||||||
@@ -13,6 +13,6 @@ metadata:
|
|||||||
app.kubernetes.io/name: startupapicheck
|
app.kubernetes.io/name: startupapicheck
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "startupapicheck"
|
app.kubernetes.io/component: "startupapicheck"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
|
|||||||
@@ -9,6 +9,6 @@ metadata:
|
|||||||
app.kubernetes.io/name: webhook
|
app.kubernetes.io/name: webhook
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "webhook"
|
app.kubernetes.io/component: "webhook"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
|
|||||||
@@ -9,6 +9,6 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
|
|||||||
@@ -8,12 +8,12 @@ metadata:
|
|||||||
app.kubernetes.io/name: cert-manager
|
app.kubernetes.io/name: cert-manager
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "controller"
|
app.kubernetes.io/component: "controller"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
prometheus: default
|
prometheus: default
|
||||||
spec:
|
spec:
|
||||||
jobLabel: cert-manager
|
jobLabel: app.kubernetes.io/name
|
||||||
selector:
|
selector:
|
||||||
matchExpressions:
|
matchExpressions:
|
||||||
- key: app.kubernetes.io/name
|
- key: app.kubernetes.io/name
|
||||||
|
|||||||
@@ -7,9 +7,9 @@ metadata:
|
|||||||
app.kubernetes.io/name: webhook
|
app.kubernetes.io/name: webhook
|
||||||
app.kubernetes.io/instance: cert-manager
|
app.kubernetes.io/instance: cert-manager
|
||||||
app.kubernetes.io/component: "webhook"
|
app.kubernetes.io/component: "webhook"
|
||||||
app.kubernetes.io/version: "v1.19.4"
|
app.kubernetes.io/version: "v1.20.0"
|
||||||
app.kubernetes.io/managed-by: Helm
|
app.kubernetes.io/managed-by: Helm
|
||||||
helm.sh/chart: cert-manager-v1.19.4
|
helm.sh/chart: cert-manager-v1.20.0
|
||||||
annotations:
|
annotations:
|
||||||
cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-ca"
|
cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-ca"
|
||||||
webhooks:
|
webhooks:
|
||||||
|
|||||||
Reference in New Issue
Block a user