infrastructure/clusters/cl01tl/manifests/cilium/CronJob-hubble-generate-certs.yaml
gitea-bot 25e5e6db68 Automated Manifest Update (#2409)
This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow.

Reviewed-on: #2409
Co-authored-by: gitea-bot <gitea-bot@alexlebens.net>
Co-committed-by: gitea-bot <gitea-bot@alexlebens.net>
2025-12-12 01:28:41 +00:00


---
# CronJob that runs cilium-certgen in kube-system to (re)issue the TLS
# certificates listed in CILIUM_CERTGEN_CONFIG below, signed by the CA kept
# in the `cilium-ca` Secret.
apiVersion: batch/v1
kind: CronJob
metadata:
  name: hubble-generate-certs
  namespace: kube-system
  labels:
    k8s-app: hubble-generate-certs
    app.kubernetes.io/name: hubble-generate-certs
    app.kubernetes.io/part-of: cilium
spec:
  # 00:00 on day 1 of every 4th month. The certificates below are valid for
  # 8760h (365 days), so each one is renewed well before it expires and a
  # single missed run does not by itself cause an outage.
  schedule: '0 0 1 */4 *'
  # Never start a new run while the previous one is still active.
  concurrencyPolicy: Forbid
  jobTemplate:
    spec:
      template:
        metadata:
          labels:
            k8s-app: hubble-generate-certs
        spec:
          securityContext:
            seccompProfile:
              type: RuntimeDefault
          containers:
            - name: certgen
              # Tag plus digest: the digest is what pins the image content,
              # the tag is informational only.
              image: 'quay.io/cilium/certgen:v0.2.4@sha256:de7b97b1d19a34b674d0c4bc1da4db999f04ae355923a9a994ac3a81e1a1b5ff'
              imagePullPolicy: IfNotPresent
              # All capabilities dropped, no privilege escalation.
              # NOTE(review): runAsNonRoot, readOnlyRootFilesystem and
              # resource requests/limits are not set in this manifest;
              # confirm the image supports them before adding them.
              securityContext:
                capabilities:
                  drop:
                    - ALL
                allowPrivilegeEscalation: false
              command:
                - '/usr/bin/cilium-certgen'
              # CA handling: generation is enabled and an existing CA Secret
              # is reused. The CA lives in Secret kube-system/cilium-ca;
              # read access to that Secret is enough to mint certificates
              # these components will trust, so RBAC on it should be tight.
              args:
                - '--ca-generate=true'
                - '--ca-reuse-secret'
                - '--ca-secret-namespace=kube-system'
                - '--ca-secret-name=cilium-ca'
                - '--ca-common-name=Cilium CA'
              env:
                # Embedded certgen configuration, passed as one string.
                # Two leaf certificates are requested, both with wildcard
                # names and 8760h validity:
                #   hubble-server-certs       - server auth + client auth
                #   hubble-relay-client-certs - client auth only
                # Both also list `signing` and `key encipherment`.
                - name: CILIUM_CERTGEN_CONFIG
                  value: |
                    certs:
                    - name: hubble-server-certs
                      namespace: kube-system
                      commonName: "*.default.hubble-grpc.cilium.io"
                      hosts:
                      - "*.default.hubble-grpc.cilium.io"
                      usage:
                      - signing
                      - key encipherment
                      - server auth
                      - client auth
                      validity: 8760h
                    - name: hubble-relay-client-certs
                      namespace: kube-system
                      commonName: "*.hubble-relay.cilium.io"
                      hosts:
                      - "*.hubble-relay.cilium.io"
                      usage:
                      - signing
                      - key encipherment
                      - client auth
                      validity: 8760h
          hostNetwork: false
          # `serviceAccount` is the deprecated alias of `serviceAccountName`;
          # both carry the same value here.
          serviceAccount: 'hubble-generate-certs'
          serviceAccountName: 'hubble-generate-certs'
          # The pod receives an API token for the account above.
          # NOTE(review): presumably needed so certgen can read and write
          # Secrets; the Role/RoleBinding that scopes it is not in this
          # file - verify it is limited to the Secrets named here.
          automountServiceAccountToken: true
          restartPolicy: OnFailure
          # Explicit null: no scheduling constraints are applied.
          affinity: null
      # Finished Jobs are deleted after 30 minutes, and their pod logs go
      # with them; ship logs elsewhere if rotation failures must be
      # investigated later.
      ttlSecondsAfterFinished: 1800