Skip to content

Commit

Permalink
Use separate urls for each type of KubeDB resource (#166)
Browse files Browse the repository at this point in the history
  • Loading branch information
@tamalsaha
tamalsaha authored Feb 13, 2018
1 parent c48a175 commit b45b88a
Show file tree
Hide file tree
Showing 2 changed files with 168 additions and 24 deletions.
96 changes: 84 additions & 12 deletions chart/stable/kubedb/templates/validating-webhook-configuration.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,23 +9,95 @@ metadata:
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
webhooks:
- name: admission.kubedb.com
- name: elasticsearch.admission.kubedb.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.kubedb.com/v1alpha1/reviews
path: /apis/admission.kubedb.com/v1alpha1/elasticsearchreviews
caBundle: {{ b64enc .Values.apiserver.ca }}
rules:
- operations:
- CREATE
- UPDATE
- DELETE
apiGroups:
- kubedb.com
apiVersions:
- "*"
resources:
- "*"
- apiGroups: ["kubedb.com"]
apiVersions: ["*"]
resources: ["elasticsearchs"]
operations: ["CREATE", "UPDATE", "DELETE"]
failurePolicy: Fail
- name: postgres.admission.kubedb.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.kubedb.com/v1alpha1/postgresreviews
caBundle: {{ b64enc .Values.apiserver.ca }}
rules:
- apiGroups: ["kubedb.com"]
apiVersions: ["*"]
resources: ["postgreses"]
operations: ["CREATE", "UPDATE", "DELETE"]
failurePolicy: Fail
- name: mysql.admission.kubedb.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.kubedb.com/v1alpha1/mysqlreviews
caBundle: {{ b64enc .Values.apiserver.ca }}
rules:
- apiGroups: ["kubedb.com"]
apiVersions: ["*"]
resources: ["mysqls"]
operations: ["CREATE", "UPDATE", "DELETE"]
failurePolicy: Fail
- name: mongodb.admission.kubedb.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.kubedb.com/v1alpha1/mongodbreviews
caBundle: {{ b64enc .Values.apiserver.ca }}
rules:
- apiGroups: ["kubedb.com"]
apiVersions: ["*"]
resources: ["mongodbs"]
operations: ["CREATE", "UPDATE", "DELETE"]
failurePolicy: Fail
- name: redis.admission.kubedb.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.kubedb.com/v1alpha1/redisreviews
caBundle: {{ b64enc .Values.apiserver.ca }}
rules:
- apiGroups: ["kubedb.com"]
apiVersions: ["*"]
resources: ["redises"]
operations: ["CREATE", "UPDATE", "DELETE"]
failurePolicy: Fail
- name: memcached.admission.kubedb.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.kubedb.com/v1alpha1/memcachedreviews
caBundle: {{ b64enc .Values.apiserver.ca }}
rules:
- apiGroups: ["kubedb.com"]
apiVersions: ["*"]
resources: ["memcacheds"]
operations: ["CREATE", "UPDATE", "DELETE"]
failurePolicy: Fail
- name: snapshot.admission.kubedb.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.kubedb.com/v1alpha1/snapshotreviews
caBundle: {{ b64enc .Values.apiserver.ca }}
rules:
- apiGroups: ["kubedb.com"]
apiVersions: ["*"]
resources: ["snapshots"]
operations: ["CREATE", "UPDATE"]
failurePolicy: Fail
{{ end }}
96 changes: 84 additions & 12 deletions hack/deploy/admission.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,22 +6,94 @@ metadata:
labels:
app: kubedb
webhooks:
- name: admission.kubedb.com
- name: elasticsearch.admission.kubedb.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.kubedb.com/v1alpha1/reviews
path: /apis/admission.kubedb.com/v1alpha1/elasticsearchreviews
caBundle: ${KUBE_CA}
rules:
- operations:
- CREATE
- UPDATE
- DELETE
apiGroups:
- kubedb.com
apiVersions:
- "*"
resources:
- "*"
- apiGroups: ["kubedb.com"]
apiVersions: ["*"]
resources: ["elasticsearchs"]
operations: ["CREATE", "UPDATE", "DELETE"]
failurePolicy: Fail
- name: postgres.admission.kubedb.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.kubedb.com/v1alpha1/postgresreviews
caBundle: ${KUBE_CA}
rules:
- apiGroups: ["kubedb.com"]
apiVersions: ["*"]
resources: ["postgreses"]
operations: ["CREATE", "UPDATE", "DELETE"]
failurePolicy: Fail
- name: mysql.admission.kubedb.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.kubedb.com/v1alpha1/mysqlreviews
caBundle: ${KUBE_CA}
rules:
- apiGroups: ["kubedb.com"]
apiVersions: ["*"]
resources: ["mysqls"]
operations: ["CREATE", "UPDATE", "DELETE"]
failurePolicy: Fail
- name: mongodb.admission.kubedb.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.kubedb.com/v1alpha1/mongodbreviews
caBundle: ${KUBE_CA}
rules:
- apiGroups: ["kubedb.com"]
apiVersions: ["*"]
resources: ["mongodbs"]
operations: ["CREATE", "UPDATE", "DELETE"]
failurePolicy: Fail
- name: redis.admission.kubedb.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.kubedb.com/v1alpha1/redisreviews
caBundle: ${KUBE_CA}
rules:
- apiGroups: ["kubedb.com"]
apiVersions: ["*"]
resources: ["redises"]
operations: ["CREATE", "UPDATE", "DELETE"]
failurePolicy: Fail
- name: memcached.admission.kubedb.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.kubedb.com/v1alpha1/memcachedreviews
caBundle: ${KUBE_CA}
rules:
- apiGroups: ["kubedb.com"]
apiVersions: ["*"]
resources: ["memcacheds"]
operations: ["CREATE", "UPDATE", "DELETE"]
failurePolicy: Fail
- name: snapshot.admission.kubedb.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.kubedb.com/v1alpha1/snapshotreviews
caBundle: ${KUBE_CA}
rules:
- apiGroups: ["kubedb.com"]
apiVersions: ["*"]
resources: ["snapshots"]
operations: ["CREATE", "UPDATE"]
failurePolicy: Fail

0 comments on commit b45b88a

Please sign in to comment.