# Register the webhook service as a validating webhook # since validating webhook(vwh) is a cluster scoped resource, append release # namespace along with release name to the vwh name to allow installing multiple # namespace scoped operators apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: name: {{.Release.Namespace}}-{{.Release.Name}}-vwc labels: # This label will be used by the webhook server to # list WebhookConfigurations to inject caBundle into webhook-server: {{.Release.Namespace }}-{{template "webhook-service.name" .}} webhooks: - clientConfig: # caBundle will be filled in by the webhook server service: name: {{template "webhook-service.name" .}} namespace: {{.Release.Namespace}} path: /ndb/validate port: {{ template "webhook-service.port" }} failurePolicy: Fail name: validating-webhook.ndbcluster.mysql.oracle.com {{- if not .Values.clusterScoped }} namespaceSelector: matchLabels: kubernetes.io/metadata.name: {{.Release.Namespace}} {{- end }} rules: - apiGroups: - mysql.oracle.com apiVersions: - v1 operations: - CREATE - UPDATE resources: - ndbclusters admissionReviewVersions: - v1 sideEffects: None