File tree Expand file tree Collapse file tree 11 files changed +714
-0
lines changed Expand file tree Collapse file tree 11 files changed +714
-0
lines changed Original file line number Diff line number Diff line change 1+ # Source: external-secrets/templates/cert-controller-deployment.yaml
2+ apiVersion : apps/v1
3+ kind : Deployment
4+ metadata :
5+ name : external-secrets-cert-controller
6+ namespace : external-secrets
7+ labels :
8+ app.kubernetes.io/name : external-secrets-cert-controller
9+ app.kubernetes.io/instance : external-secrets
10+ spec :
11+ replicas : 1
12+ revisionHistoryLimit : 10
13+ selector :
14+ matchLabels :
15+ app.kubernetes.io/name : external-secrets-cert-controller
16+ app.kubernetes.io/instance : external-secrets
17+ template :
18+ metadata :
19+ labels :
20+ app.kubernetes.io/name : external-secrets-cert-controller
21+ app.kubernetes.io/instance : external-secrets
22+ spec :
23+ serviceAccountName : external-secrets-cert-controller
24+ automountServiceAccountToken : true
25+ hostNetwork : false
26+ securityContext :
27+ runAsUser : 12364
28+ runAsGroup : 12364
29+ fsGroup : 12364
30+ runAsNonRoot : true
31+ seccompProfile :
32+ type : " RuntimeDefault"
33+ containers :
34+ - name : cert-controller
35+ securityContext :
36+ allowPrivilegeEscalation : false
37+ capabilities :
38+ drop :
39+ - ALL
40+ readOnlyRootFilesystem : true
41+ runAsNonRoot : true
42+ runAsUser : 12364
43+ seccompProfile :
44+ type : RuntimeDefault
45+ image : ghcr.io/external-secrets/external-secrets:v0.10.3
46+ imagePullPolicy : IfNotPresent
47+ args :
48+ - certcontroller
49+ - --crd-requeue-interval=5m
50+ - --service-name=external-secrets-webhook
51+ - --service-namespace=external-secrets
52+ - --secret-name=external-secrets-webhook
53+ - --secret-namespace=external-secrets
54+ - --metrics-addr=:8080
55+ - --healthz-addr=:8081
56+ ports :
57+ - containerPort : 8080
58+ protocol : TCP
59+ name : metrics
60+ readinessProbe :
61+ httpGet :
62+ port : 8081
63+ path : /readyz
64+ initialDelaySeconds : 20
65+ periodSeconds : 5
Original file line number Diff line number Diff line change 1+ ---
2+ # Source: external-secrets/templates/webhook-deployment.yaml
3+ apiVersion : apps/v1
4+ kind : Deployment
5+ metadata :
6+ name : external-secrets-webhook
7+ namespace : external-secrets
8+ labels :
9+ app.kubernetes.io/name : external-secrets-webhook
10+ app.kubernetes.io/instance : external-secrets
11+ spec :
12+ replicas : 1
13+ revisionHistoryLimit : 10
14+ selector :
15+ matchLabels :
16+ app.kubernetes.io/name : external-secrets-webhook
17+ app.kubernetes.io/instance : external-secrets
18+ template :
19+ metadata :
20+ labels :
21+ app.kubernetes.io/name : external-secrets-webhook
22+ app.kubernetes.io/instance : external-secrets
23+ spec :
24+ hostNetwork : false
25+ serviceAccountName : external-secrets-webhook
26+ automountServiceAccountToken : true
27+ securityContext :
28+ runAsUser : 12364
29+ runAsGroup : 12364
30+ fsGroup : 12364
31+ runAsNonRoot : true
32+ seccompProfile :
33+ type : " RuntimeDefault"
34+ containers :
35+ - name : webhook
36+ securityContext :
37+ allowPrivilegeEscalation : false
38+ capabilities :
39+ drop :
40+ - ALL
41+ readOnlyRootFilesystem : true
42+ runAsNonRoot : true
43+ runAsUser : 12364
44+ seccompProfile :
45+ type : RuntimeDefault
46+ image : ghcr.io/external-secrets/external-secrets:v0.10.3
47+ imagePullPolicy : IfNotPresent
48+ args :
49+ - webhook
50+ - --port=10250
51+ - --dns-name=external-secrets-webhook.external-secrets.svc
52+ - --cert-dir=/tmp/certs
53+ - --check-interval=5m
54+ - --metrics-addr=:8080
55+ - --healthz-addr=:8081
56+ ports :
57+ - containerPort : 8080
58+ protocol : TCP
59+ name : metrics
60+ - containerPort : 10250
61+ protocol : TCP
62+ name : webhook
63+ readinessProbe :
64+ httpGet :
65+ port : 8081
66+ path : /readyz
67+ initialDelaySeconds : 20
68+ periodSeconds : 5
69+ volumeMounts :
70+ - name : certs
71+ mountPath : /tmp/certs
72+ readOnly : true
73+ volumes :
74+ - name : certs
75+ secret :
76+ secretName : external-secrets-webhook
Original file line number Diff line number Diff line change 1+ # Source: external-secrets/templates/deployment.yaml
2+ apiVersion : apps/v1
3+ kind : Deployment
4+ metadata :
5+ name : external-secrets
6+ namespace : external-secrets
7+ labels :
8+ helm.sh/chart : external-secrets-0.9.19
9+ app.kubernetes.io/name : external-secrets
10+ app.kubernetes.io/instance : external-secrets
11+ app.kubernetes.io/version : " v0.10.3"
12+ app.kubernetes.io/managed-by : Helm
13+ spec :
14+ replicas : 1
15+ revisionHistoryLimit : 10
16+ selector :
17+ matchLabels :
18+ app.kubernetes.io/name : external-secrets
19+ app.kubernetes.io/instance : external-secrets
20+ template :
21+ metadata :
22+ labels :
23+ app.kubernetes.io/name : external-secrets
24+ app.kubernetes.io/instance : external-secrets
25+ spec :
26+ serviceAccountName : external-secrets
27+ automountServiceAccountToken : true
28+ hostNetwork : false
29+ securityContext :
30+ runAsUser : 12364
31+ runAsGroup : 12364
32+ fsGroup : 12364
33+ runAsNonRoot : true
34+ seccompProfile :
35+ type : " RuntimeDefault"
36+ containers :
37+ - name : external-secrets
38+ securityContext :
39+ allowPrivilegeEscalation : false
40+ capabilities :
41+ drop :
42+ - ALL
43+ readOnlyRootFilesystem : true
44+ runAsNonRoot : true
45+ runAsUser : 12364
46+ seccompProfile :
47+ type : RuntimeDefault
48+ image : ghcr.io/external-secrets/external-secrets:v0.10.3
49+ imagePullPolicy : IfNotPresent
50+ args :
51+ - --concurrent=1
52+ - --metrics-addr=:8080
53+ ports :
54+ - containerPort : 8080
55+ protocol : TCP
56+ name : metrics
57+ dnsPolicy : ClusterFirst
Original file line number Diff line number Diff line change 1+ ---
2+ apiVersion : kustomize.config.k8s.io/v1alpha1
3+ kind : Component
4+ resources :
5+ - deployment.yaml
6+ - deployment-controller.yaml
7+ - deployment-webhook.yaml
8+ - rbac-bindings.yaml
9+ - rbac-clusterroles.yaml
10+ - rbac-sa.yaml
11+ - service.yaml
12+ - webhooks.yaml
You can’t perform that action at this time.
0 commit comments