feat: Initialize Zastava Webhook service with TLS and Authority authentication
- Added Program.cs to set up the web application with Serilog for logging, health check endpoints, and a placeholder admission endpoint. - Configured Kestrel server to use TLS 1.3 and handle client certificates appropriately. - Created StellaOps.Zastava.Webhook.csproj with necessary dependencies including Serilog and Polly. - Documented tasks in TASKS.md for the Zastava Webhook project, outlining current work and exit criteria for each task.
This commit is contained in:
15
deploy/helm/stellaops/templates/configmaps.yaml
Normal file
15
deploy/helm/stellaops/templates/configmaps.yaml
Normal file
@@ -0,0 +1,15 @@
|
||||
{{- $root := . -}}
|
||||
{{- range $name, $cfg := .Values.configMaps }}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ include "stellaops.fullname" (dict "root" $root "name" $name) }}
|
||||
labels:
|
||||
{{- include "stellaops.labels" (dict "root" $root "name" $name "svc" (dict "class" "config")) | nindent 4 }}
|
||||
data:
|
||||
{{- range $fileName, $content := $cfg.data }}
|
||||
{{ $fileName }}: |
|
||||
{{ $content | nindent 4 }}
|
||||
{{- end }}
|
||||
---
|
||||
{{- end }}
|
||||
@@ -1,5 +1,6 @@
|
||||
{{- $root := . -}}
|
||||
{{- range $name, $svc := .Values.services }}
|
||||
{{- $configMounts := (default (list) $svc.configMounts) }}
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
@@ -53,11 +54,12 @@ spec:
|
||||
containerPort: {{ $port.containerPort }}
|
||||
protocol: {{ default "TCP" $port.protocol }}
|
||||
{{- end }}
|
||||
{{- else if $svc.service.port }}
|
||||
{{- else if and $svc.service (hasKey $svc.service "port") }}
|
||||
{{- $svcService := $svc.service }}
|
||||
ports:
|
||||
- name: {{ printf "%s-http" $name | trunc 63 | trimSuffix "-" }}
|
||||
containerPort: {{ $svc.service.targetPort | default $svc.service.port }}
|
||||
protocol: TCP
|
||||
containerPort: {{ default (index $svcService "port") (index $svcService "targetPort") }}
|
||||
protocol: {{ default "TCP" (index $svcService "protocol") }}
|
||||
{{- end }}
|
||||
{{- if $svc.resources }}
|
||||
resources:
|
||||
@@ -71,11 +73,25 @@ spec:
|
||||
readinessProbe:
|
||||
{{ toYaml $svc.readinessProbe | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if $svc.volumeMounts }}
|
||||
{{- if or $svc.volumeMounts $configMounts }}
|
||||
volumeMounts:
|
||||
{{- if $svc.volumeMounts }}
|
||||
{{ toYaml $svc.volumeMounts | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if or $svc.volumes $svc.volumeClaims }}
|
||||
{{- range $mount := $configMounts }}
|
||||
- name: {{ $mount.name }}
|
||||
mountPath: {{ $mount.mountPath }}
|
||||
{{- if $mount.subPath }}
|
||||
subPath: {{ $mount.subPath }}
|
||||
{{- end }}
|
||||
{{- if hasKey $mount "readOnly" }}
|
||||
readOnly: {{ $mount.readOnly }}
|
||||
{{- else }}
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if or $svc.volumes (or $svc.volumeClaims $configMounts) }}
|
||||
volumes:
|
||||
{{- if $svc.volumes }}
|
||||
{{ toYaml $svc.volumes | nindent 8 }}
|
||||
@@ -86,6 +102,19 @@ spec:
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ $claim.claimName }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- range $mount := $configMounts }}
|
||||
- name: {{ $mount.name }}
|
||||
configMap:
|
||||
name: {{ include "stellaops.fullname" (dict "root" $root "name" $mount.configMap) }}
|
||||
{{- if $mount.items }}
|
||||
items:
|
||||
{{ toYaml $mount.items | nindent 12 }}
|
||||
{{- else if $mount.subPath }}
|
||||
items:
|
||||
- key: {{ $mount.subPath }}
|
||||
path: {{ $mount.subPath }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if $svc.serviceAccount }}
|
||||
|
||||
Reference in New Issue
Block a user