istio/src/istiod-istio-system-validatingwebhookconfiguration.yaml - k8s-gerrit - Git at Google

 apiVersion: admissionregistration.k8s.io/v1beta1
 kind: ValidatingWebhookConfiguration
 metadata:
   name: istiod-istio-system
   labels:
     app: istiod
     release: istio
     istio: istiod
 webhooks:
   - name: validation.istio.io
     clientConfig:
       service:
         name: istiod
         namespace: istio-system
         path: "/validate"
       caBundle: "" # patched at runtime when the webhook is ready.
     rules:
       - operations:
         - CREATE
         - UPDATE
         apiGroups:
         - config.istio.io
         - rbac.istio.io
         - security.istio.io
         - authentication.istio.io
         - networking.istio.io
         apiVersions:
         - "*"
         resources:
         - "*"
     # Fail open until the validation webhook is ready. The webhook controller
     # will update this to `Fail` and patch in the `caBundle` when the webhook
     # endpoint is ready.
     failurePolicy: Ignore
     sideEffects: None
	apiVersion: admissionregistration.k8s.io/v1beta1
	kind: ValidatingWebhookConfiguration
	metadata:
	name: istiod-istio-system
	labels:
	app: istiod
	release: istio
	istio: istiod
	webhooks:
	- name: validation.istio.io
	clientConfig:
	service:
	name: istiod
	namespace: istio-system
	path: "/validate"
	caBundle: "" # patched at runtime when the webhook is ready.
	rules:
	- operations:
	- CREATE
	- UPDATE
	apiGroups:
	- config.istio.io
	- rbac.istio.io
	- security.istio.io
	- authentication.istio.io
	- networking.istio.io
	apiVersions:
	- "*"
	resources:
	- "*"
	# Fail open until the validation webhook is ready. The webhook controller
	# will update this to `Fail` and patch in the `caBundle` when the webhook
	# endpoint is ready.
	failurePolicy: Ignore
	sideEffects: None