@@ -9,10 +9,13 @@ namespace: keystone-operator-system
99namePrefix : keystone-operator-
1010
1111# Labels to add to all resources and selectors.
12- # commonLabels:
13- # someName: someValue
12+ # labels:
13+ # - includeSelectors: true
14+ # includeTemplates: true
15+ # pairs:
16+ # someName: someValue
1417
15- bases :
18+ resources :
1619- ../crd
1720- ../rbac
1821- ../manager
@@ -24,54 +27,124 @@ bases:
2427# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'.
2528# - ../prometheus
2629
27- patchesStrategicMerge :
30+ patches :
2831# Protect the /metrics endpoint by putting it behind auth.
2932# If you want your controller-manager to expose the /metrics
3033# endpoint w/o any authn/z, please comment the following line.
31- - manager_auth_proxy_patch.yaml
34+ - path : manager_auth_proxy_patch.yaml
3235
3336# Mount the controller config file for loading manager configurations
3437# through a ComponentConfig type
35- # - manager_config_patch.yaml
38+ # - path: manager_config_patch.yaml
3639
3740# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in
3841# crd/kustomization.yaml
39- - manager_webhook_patch.yaml
42+ - path : manager_webhook_patch.yaml
4043
4144# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'.
4245# Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks.
4346# 'CERTMANAGER' needs to be enabled to use ca injection
44- # - webhookcainjection_patch.yaml
47+ # - path: webhookcainjection_patch.yaml
4548
4649# Injects our custom images (ENV variable settings)
47- - manager_default_images.yaml
50+ - path : manager_default_images.yaml
4851
49- # the following config is for teaching kustomize how to do var substitution
50- vars :
5152# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix.
52- # - name: CERTIFICATE_NAMESPACE # namespace of the certificate CR
53- # objref:
54- # kind: Certificate
55- # group: cert-manager.io
56- # version: v1
57- # name: serving-cert # this name should match the one in certificate.yaml
58- # fieldref:
59- # fieldpath: metadata.namespace
60- # - name: CERTIFICATE_NAME
61- # objref:
62- # kind: Certificate
63- # group: cert-manager.io
64- # version: v1
65- # name: serving-cert # this name should match the one in certificate.yaml
66- # - name: SERVICE_NAMESPACE # namespace of the service
67- # objref:
68- # kind: Service
69- # version: v1
70- # name: webhook-service
71- # fieldref:
72- # fieldpath: metadata.namespace
73- # - name: SERVICE_NAME
74- # objref:
75- # kind: Service
76- # version: v1
77- # name: webhook-service
53+ # Uncomment the following replacements to add the cert-manager CA injection annotations
54+ # replacements:
55+ # - source: # Add cert-manager annotation to ValidatingWebhookConfiguration, MutatingWebhookConfiguration and CRDs
56+ # kind: Certificate
57+ # group: cert-manager.io
58+ # version: v1
59+ # name: serving-cert # this name should match the one in certificate.yaml
60+ # fieldPath: .metadata.namespace # namespace of the certificate CR
61+ # targets:
62+ # - select:
63+ # kind: ValidatingWebhookConfiguration
64+ # fieldPaths:
65+ # - .metadata.annotations.[cert-manager.io/inject-ca-from]
66+ # options:
67+ # delimiter: '/'
68+ # index: 0
69+ # create: true
70+ # - select:
71+ # kind: MutatingWebhookConfiguration
72+ # fieldPaths:
73+ # - .metadata.annotations.[cert-manager.io/inject-ca-from]
74+ # options:
75+ # delimiter: '/'
76+ # index: 0
77+ # create: true
78+ # - select:
79+ # kind: CustomResourceDefinition
80+ # fieldPaths:
81+ # - .metadata.annotations.[cert-manager.io/inject-ca-from]
82+ # options:
83+ # delimiter: '/'
84+ # index: 0
85+ # create: true
86+ # - source:
87+ # kind: Certificate
88+ # group: cert-manager.io
89+ # version: v1
90+ # name: serving-cert # this name should match the one in certificate.yaml
91+ # fieldPath: .metadata.name
92+ # targets:
93+ # - select:
94+ # kind: ValidatingWebhookConfiguration
95+ # fieldPaths:
96+ # - .metadata.annotations.[cert-manager.io/inject-ca-from]
97+ # options:
98+ # delimiter: '/'
99+ # index: 1
100+ # create: true
101+ # - select:
102+ # kind: MutatingWebhookConfiguration
103+ # fieldPaths:
104+ # - .metadata.annotations.[cert-manager.io/inject-ca-from]
105+ # options:
106+ # delimiter: '/'
107+ # index: 1
108+ # create: true
109+ # - select:
110+ # kind: CustomResourceDefinition
111+ # fieldPaths:
112+ # - .metadata.annotations.[cert-manager.io/inject-ca-from]
113+ # options:
114+ # delimiter: '/'
115+ # index: 1
116+ # create: true
117+ # - source: # Add cert-manager annotation to the webhook Service
118+ # kind: Service
119+ # version: v1
120+ # name: webhook-service
121+ # fieldPath: .metadata.name # namespace of the service
122+ # targets:
123+ # - select:
124+ # kind: Certificate
125+ # group: cert-manager.io
126+ # version: v1
127+ # fieldPaths:
128+ # - .spec.dnsNames.0
129+ # - .spec.dnsNames.1
130+ # options:
131+ # delimiter: '.'
132+ # index: 0
133+ # create: true
134+ # - source:
135+ # kind: Service
136+ # version: v1
137+ # name: webhook-service
138+ # fieldPath: .metadata.namespace # namespace of the service
139+ # targets:
140+ # - select:
141+ # kind: Certificate
142+ # group: cert-manager.io
143+ # version: v1
144+ # fieldPaths:
145+ # - .spec.dnsNames.0
146+ # - .spec.dnsNames.1
147+ # options:
148+ # delimiter: '.'
149+ # index: 1
150+ # create: true
![openshift-merge-bot[bot]](https://avatars.githubusercontent.com/in/412865?v=4&size=40){kind=avatar}
0 commit comments