kubernetes-sigs
diff --git a/‎.github/workflows/test-e2e-samples.yml‎
Lines changed: 4 additions & 13 deletions b/‎.github/workflows/test-e2e-samples.yml‎
Lines changed: 4 additions & 13 deletions
diff --git a/‎docs/book/src/cronjob-tutorial/cert-manager.md‎
Lines changed: 0 additions & 3 deletions b/‎docs/book/src/cronjob-tutorial/cert-manager.md‎
Lines changed: 0 additions & 3 deletions
diff --git a/‎docs/book/src/cronjob-tutorial/testdata/project/config/default/kustomization.yaml‎
Lines changed: 127 additions & 101 deletions b/‎docs/book/src/cronjob-tutorial/testdata/project/config/default/kustomization.yaml‎
Lines changed: 127 additions & 101 deletions
diff --git a/‎docs/book/src/cronjob-tutorial/testdata/project/config/default/webhookcainjection_patch.yaml‎
Lines changed: 0 additions & 25 deletions b/‎docs/book/src/cronjob-tutorial/testdata/project/config/default/webhookcainjection_patch.yaml‎
Lines changed: 0 additions & 25 deletions
@@ -41,8 +41,7 @@ jobs:
         run: |
           KUSTOMIZATION_FILE_PATH="testdata/project-v4/config/default/kustomization.yaml"
           sed -i '25s/^#//' $KUSTOMIZATION_FILE_PATH
-          sed -i '51s/^#//' $KUSTOMIZATION_FILE_PATH
-          sed -i '55,151s/^#//' $KUSTOMIZATION_FILE_PATH
+          sed -i '50,177s/^#//' $KUSTOMIZATION_FILE_PATH
           cd testdata/project-v4/
           go mod tidy
 
@@ -81,17 +80,10 @@ jobs:
         run: |
           KUSTOMIZATION_FILE_PATH="testdata/project-v4-with-plugins/config/default/kustomization.yaml"
           sed -i '25s/^#//' $KUSTOMIZATION_FILE_PATH
-          sed -i '51s/^#//' $KUSTOMIZATION_FILE_PATH
           # Uncomment only ValidatingWebhookConfiguration
           # from cert-manager replaces
-          sed -i '55,70s/^#//' $KUSTOMIZATION_FILE_PATH
-          sed -i '79,101s/^#//' $KUSTOMIZATION_FILE_PATH
-          sed -i '110,151s/^#//' $KUSTOMIZATION_FILE_PATH
-          # Comment the injection for MutatingWebhookConfiguration
-          # Fixme: We should not scaffold or it should be commented
-          # by default when only validation webhooks are scaffolded
-          WEBHOOK_INJECTION_FILE_PATH="testdata/project-v4-with-plugins/config/default/webhookcainjection_patch.yaml"
-          sed -i '3,11s/^/#/' $WEBHOOK_INJECTION_FILE_PATH
+          sed -i '50,80s/^#//' $KUSTOMIZATION_FILE_PATH
+          sed -i '144,177s/^#//' $KUSTOMIZATION_FILE_PATH
           cd testdata/project-v4-with-plugins/
           go mod tidy
 
@@ -130,8 +122,7 @@ jobs:
         run: |
           KUSTOMIZATION_FILE_PATH="testdata/project-v4-multigroup/config/default/kustomization.yaml"
           sed -i '25s/^#//' $KUSTOMIZATION_FILE_PATH
-          sed -i '51s/^#//' $KUSTOMIZATION_FILE_PATH
-          sed -i '55,151s/^#//' $KUSTOMIZATION_FILE_PATH
+          sed -i '50,177s/^#//' $KUSTOMIZATION_FILE_PATH
           cd testdata/project-v4-multigroup
           go mod tidy
 
 
@@ -24,6 +24,3 @@ This is the [kustomize](https://github.com/kubernetes-sigs/kustomize) patch we
 used for annotating the [`MutatingWebhookConfiguration`](https://pkg.go.dev/k8s.io/api/admissionregistration/v1#MutatingWebhookConfiguration)
 / [`ValidatingWebhookConfiguration`](https://pkg.go.dev/k8s.io/api/admissionregistration/v1#ValidatingWebhookConfiguration) objects.
 
-```yaml
-{{#include ./testdata/project/config/default/webhookcainjection_patch.yaml}}
-```
@@ -45,107 +45,133 @@ patches:
 # crd/kustomization.yaml
 - path: manager_webhook_patch.yaml
 
-# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'.
-# Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks.
-# 'CERTMANAGER' needs to be enabled to use ca injection
-- path: webhookcainjection_patch.yaml
-
 # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix.
 # Uncomment the following replacements to add the cert-manager CA injection annotations
 replacements:
-  - source: # Add cert-manager annotation to ValidatingWebhookConfiguration, MutatingWebhookConfiguration and CRDs
-      kind: Certificate
-      group: cert-manager.io
-      version: v1
-      name: serving-cert # this name should match the one in certificate.yaml
-      fieldPath: .metadata.namespace # namespace of the certificate CR
-    targets:
-      - select:
-          kind: ValidatingWebhookConfiguration
-        fieldPaths:
-          - .metadata.annotations.[cert-manager.io/inject-ca-from]
-        options:
-          delimiter: '/'
-          index: 0
-          create: true
-      - select:
-          kind: MutatingWebhookConfiguration
-        fieldPaths:
-          - .metadata.annotations.[cert-manager.io/inject-ca-from]
-        options:
-          delimiter: '/'
-          index: 0
-          create: true
-      - select:
-          kind: CustomResourceDefinition
-        fieldPaths:
-          - .metadata.annotations.[cert-manager.io/inject-ca-from]
-        options:
-          delimiter: '/'
-          index: 0
-          create: true
-  - source:
-      kind: Certificate
-      group: cert-manager.io
-      version: v1
-      name: serving-cert # this name should match the one in certificate.yaml
-      fieldPath: .metadata.name
-    targets:
-      - select:
-          kind: ValidatingWebhookConfiguration
-        fieldPaths:
-          - .metadata.annotations.[cert-manager.io/inject-ca-from]
-        options:
-          delimiter: '/'
-          index: 1
-          create: true
-      - select:
-          kind: MutatingWebhookConfiguration
-        fieldPaths:
-          - .metadata.annotations.[cert-manager.io/inject-ca-from]
-        options:
-          delimiter: '/'
-          index: 1
-          create: true
-      - select:
-          kind: CustomResourceDefinition
-        fieldPaths:
-          - .metadata.annotations.[cert-manager.io/inject-ca-from]
-        options:
-          delimiter: '/'
-          index: 1
-          create: true
-  - source: # Add cert-manager annotation to the webhook Service
-      kind: Service
-      version: v1
-      name: webhook-service
-      fieldPath: .metadata.name # namespace of the service
-    targets:
-      - select:
-          kind: Certificate
-          group: cert-manager.io
-          version: v1
-        fieldPaths:
-          - .spec.dnsNames.0
-          - .spec.dnsNames.1
-        options:
-          delimiter: '.'
-          index: 0
-          create: true
-  - source:
-      kind: Service
-      version: v1
-      name: webhook-service
-      fieldPath: .metadata.namespace # namespace of the service
-    targets:
-      - select:
-          kind: Certificate
-          group: cert-manager.io
-          version: v1
-        fieldPaths:
-          - .spec.dnsNames.0
-          - .spec.dnsNames.1
-        options:
-          delimiter: '.'
-          index: 1
-          create: true
+ - source: # Uncomment the following block if you have a ValidatingWebhook (--programmatic-validation)
+     kind: Certificate
+     group: cert-manager.io
+     version: v1
+     name: serving-cert # This name should match the one in certificate.yaml
+     fieldPath: .metadata.namespace # Namespace of the certificate CR
+   targets:
+     - select:
+         kind: ValidatingWebhookConfiguration
+       fieldPaths:
+         - .metadata.annotations.[cert-manager.io/inject-ca-from]
+       options:
+         delimiter: '/'
+         index: 0
+         create: true
+ - source:
+     kind: Certificate
+     group: cert-manager.io
+     version: v1
+     name: serving-cert # This name should match the one in certificate.yaml
+     fieldPath: .metadata.name
+   targets:
+     - select:
+         kind: ValidatingWebhookConfiguration
+       fieldPaths:
+         - .metadata.annotations.[cert-manager.io/inject-ca-from]
+       options:
+         delimiter: '/'
+         index: 1
+         create: true
+
+ - source: # Uncomment the following block if you have a DefaultingWebhook (--defaulting )
+     kind: Certificate
+     group: cert-manager.io
+     version: v1
+     name: serving-cert # This name should match the one in certificate.yaml
+     fieldPath: .metadata.namespace # Namespace of the certificate CR
+   targets:
+     - select:
+         kind: MutatingWebhookConfiguration
+       fieldPaths:
+         - .metadata.annotations.[cert-manager.io/inject-ca-from]
+       options:
+         delimiter: '/'
+         index: 0
+         create: true
+ - source:
+     kind: Certificate
+     group: cert-manager.io
+     version: v1
+     name: serving-cert # This name should match the one in certificate.yaml
+     fieldPath: .metadata.name
+   targets:
+     - select:
+         kind: MutatingWebhookConfiguration
+       fieldPaths:
+         - .metadata.annotations.[cert-manager.io/inject-ca-from]
+       options:
+         delimiter: '/'
+         index: 1
+         create: true
+
+ - source: # Uncomment the following block if you have a ConversionWebhook (--conversion)
+     kind: Certificate
+     group: cert-manager.io
+     version: v1
+     name: serving-cert # This name should match the one in certificate.yaml
+     fieldPath: .metadata.namespace # Namespace of the certificate CR
+   targets:
+     - select:
+         kind: CustomResourceDefinition
+       fieldPaths:
+         - .metadata.annotations.[cert-manager.io/inject-ca-from]
+       options:
+         delimiter: '/'
+         index: 0
+         create: true
+ - source:
+     kind: Certificate
+     group: cert-manager.io
+     version: v1
+     name: serving-cert # This name should match the one in certificate.yaml
+     fieldPath: .metadata.name
+   targets:
+     - select:
+         kind: CustomResourceDefinition
+       fieldPaths:
+         - .metadata.annotations.[cert-manager.io/inject-ca-from]
+       options:
+         delimiter: '/'
+         index: 1
+         create: true
+
+ - source: # Uncomment the following block if you enable cert-manager
+     kind: Service
+     version: v1
+     name: webhook-service
+     fieldPath: .metadata.name # Name of the service
+   targets:
+     - select:
+         kind: Certificate
+         group: cert-manager.io
+         version: v1
+       fieldPaths:
+         - .spec.dnsNames.0
+         - .spec.dnsNames.1
+       options:
+         delimiter: '.'
+         index: 0
+         create: true
+ - source:
+     kind: Service
+     version: v1
+     name: webhook-service
+     fieldPath: .metadata.namespace # Namespace of the service
+   targets:
+     - select:
+         kind: Certificate
+         group: cert-manager.io
+         version: v1
+       fieldPaths:
+         - .spec.dnsNames.0
+         - .spec.dnsNames.1
+       options:
+         delimiter: '.'
+         index: 1
+         create: true