vynil/addons
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ed58ef54e16d3e7f89e3ffd6ed27a7b94eea149f
addons/virt/kubevirt/admissionregistration.k8s.io_v1_ValidatingWebhookConfiguration_virt-api-validator.yaml.hbs

537 lines
13 KiB
Handlebars
Raw Blame History

apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
annotations:
cert-manager.io/inject-ca-from: "{{ namespace }}/kubevirt-virt-api-certs"
labels:
app.kubernetes.io/component: kubevirt
app.kubernetes.io/managed-by: virt-operator
kubevirt.io: virt-api-validator
name: virt-api-validator
webhooks:
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /launcher-eviction-validate
port: 443
failurePolicy: Ignore
matchPolicy: Equivalent
name: virt-launcher-eviction-interceptor.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- ""
apiVersions:
- v1
operations:
- '*'
resources:
- pods/eviction
scope: '*'
sideEffects: NoneOnDryRun
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachineinstances-validate-create
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachineinstances-create-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- kubevirt.io
apiVersions:
- v1alpha3
- v1
operations:
- CREATE
resources:
- virtualmachineinstances
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachineinstances-validate-update
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachineinstances-update-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- kubevirt.io
apiVersions:
- v1alpha3
- v1
operations:
- UPDATE
resources:
- virtualmachineinstances
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachines-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachine-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- kubevirt.io
apiVersions:
- v1alpha3
- v1
operations:
- CREATE
- UPDATE
resources:
- virtualmachines
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachinereplicaset-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachinereplicaset-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- kubevirt.io
apiVersions:
- v1alpha3
- v1
operations:
- CREATE
- UPDATE
resources:
- virtualmachineinstancereplicasets
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachinepool-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachinepool-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- pool.kubevirt.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- virtualmachinepools
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /vmipreset-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachinepreset-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- kubevirt.io
apiVersions:
- v1alpha3
- v1
operations:
- CREATE
- UPDATE
resources:
- virtualmachineinstancepresets
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /migration-validate-create
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: migration-create-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- kubevirt.io
apiVersions:
- v1alpha3
- v1
operations:
- CREATE
resources:
- virtualmachineinstancemigrations
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /migration-validate-update
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: migration-update-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- kubevirt.io
apiVersions:
- v1alpha3
- v1
operations:
- UPDATE
resources:
- virtualmachineinstancemigrations
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachinesnapshots-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachinesnapshot-validator.snapshot.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- snapshot.kubevirt.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- virtualmachinesnapshots
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachinerestores-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachinerestore-validator.snapshot.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- snapshot.kubevirt.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- virtualmachinerestores
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachineexports-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachineexport-validator.export.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- export.kubevirt.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- virtualmachineexports
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachineinstancetypes-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachineinstancetype-validator.instancetype.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- instancetype.kubevirt.io
apiVersions:
- v1alpha1
- v1alpha2
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- virtualmachineinstancetypes
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachineclusterinstancetypes-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachineclusterinstancetype-validator.instancetype.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- instancetype.kubevirt.io
apiVersions:
- v1alpha1
- v1alpha2
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- virtualmachineclusterinstancetypes
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachinepreferences-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachinepreference-validator.instancetype.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- instancetype.kubevirt.io
apiVersions:
- v1alpha1
- v1alpha2
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- virtualmachinepreferences
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachineclusterpreferences-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachineclusterpreference-validator.instancetype.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- instancetype.kubevirt.io
apiVersions:
- v1alpha1
- v1alpha2
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- virtualmachineclusterpreferences
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /status-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: kubevirt-crd-status-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- kubevirt.io
apiVersions:
- v1alpha3
- v1
operations:
- CREATE
- UPDATE
resources:
- virtualmachines/status
- virtualmachineinstancereplicasets/status
- virtualmachineinstancemigrations/status
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /migration-policy-validate-create
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: migration-policy-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- migrations.kubevirt.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- migrationpolicies
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /vm-clone-validate-create
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: vm-clone-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- clone.kubevirt.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- virtualmachineclones
scope: '*'
sideEffects: None
timeoutSeconds: 10
Reference in New Issue View Git Blame Copy Permalink