admission-controller: Update to version master-246

k8s-on-aws-manager-app[bot] · web-flow · commit 7bf7faa9695f · 2025-03-13T14:08:16.000Z
Update 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/admission-controller to version master-246
diff --git a/cluster/manifests/02-admission-control/deployment.yaml b/cluster/manifests/02-admission-control/deployment.yaml
@@ -0,0 +1,73 @@
+{{- if eq .Cluster.Provider "zalando-eks"}}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: teapot-admission-controller
+  namespace: kube-system
+  labels:
+    application: kubernetes
+    component: admission-controller
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      deployment: teapot-admission-controller
+  template:
+    metadata:
+      labels:
+        deployment: teapot-admission-controller
+        application: kubernetes
+        component: admission-controller
+      annotations:
+        logging/destination: "{{.Cluster.ConfigItems.log_destination_infra}}"
+    spec:
+      tolerations:
+      - key: dedicated
+        value: cluster-seed
+        effect: NoSchedule
+      dnsConfig:
+        options:
+          - name: ndots
+            value: "1"
+      serviceAccountName: admission-controller
+      priorityClassName: system-cluster-critical
+      containers:
+      - name: admission-controller
+        image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/admission-controller:master-246
+        lifecycle:
+          preStop:
+            exec:
+              command: ["/bin/sh", "-c",  "sleep 60"]
+        readinessProbe:
+          httpGet:
+            scheme: HTTPS
+            path: /healthz
+            port: 8085
+          initialDelaySeconds: 5
+          timeoutSeconds: 5
+        resources:
+          requests:
+            cpu: 50m
+            memory: 100Mi
+          # TODO: limits
+        args:
+          - --address=:8085
+          - --tls-cert-file=/etc/tls-certs/admission-controller.pem
+          - --tls-key-file=/etc/tls-certs/admission-controller-key.pem
+{{- if index .Cluster.ConfigItems "application_registry_url" }}
+          - --application-registry-url={{.Cluster.ConfigItems.application_registry_url}}
+{{- end }}
+{{- if index .Cluster.ConfigItems "docker_meta_url" }}
+          - --docker-meta-url={{.Cluster.ConfigItems.docker_meta_url}}
+{{- end }}
+        ports:
+          - containerPort: 8085
+        volumeMounts:
+          - mountPath: /etc/tls-certs
+            name: tls-certs
+            readOnly: true
+      volumes:
+      - name: tls-certs
+        secret:
+          secretName: admission-controller-tls-certs
+{{- end }}
