hooks/generic-webhook/templates/webhook-hook.yaml
# SPDX-FileCopyrightText: the secureCodeBox authors
#
# SPDX-License-Identifier: Apache-2.0
apiVersion: "execution.securecodebox.io/v1"
kind: ScanCompletionHook
metadata:
name: {{ include "generic-webhook.fullname" . }}
labels:
{{- include "generic-webhook.labels" . | nindent 4 }}
{{- with .Values.hook.labels }}
{{ toYaml . }}
{{- end }}
spec:
priority: {{ .Values.hook.priority }}
type: ReadOnly
image: "{{ .Values.hook.image.repository }}:{{ .Values.hook.image.tag | default .Chart.Version }}"
ttlSecondsAfterFinished: {{ .Values.hook.ttlSecondsAfterFinished }}
env:
- name: WEBHOOK_URL
value: {{ .Values.webhookUrl | quote }}
- name: WEBHOOK_USER
valueFrom:
secretKeyRef:
name: {{ .Values.hook.authentication.basic.userSecret }}
key: {{ .Values.hook.authentication.basic.usernameKey }}
optional: true
- name: WEBHOOK_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.hook.authentication.basic.userSecret }}
key: {{ .Values.hook.authentication.basic.passwordKey }}
optional: true
- name: WEBHOOK_APIKEY_HEADER_NAME
valueFrom:
secretKeyRef:
name: {{ .Values.hook.authentication.apikey.userSecret }}
key: {{ .Values.hook.authentication.apikey.headerNameKey }}
optional: true
- name: WEBHOOK_APIKEY_HEADER_VALUE
valueFrom:
secretKeyRef:
name: {{ .Values.hook.authentication.apikey.userSecret }}
key: {{ .Values.hook.authentication.apikey.headerValueKey }}
optional: true
{{ if .Values.hook.env }}
{{- toYaml .Values.hook.env | nindent 4 }}
{{ end }}
affinity:
{{- toYaml .Values.hook.affinity | nindent 4 }}
tolerations:
{{- toYaml .Values.hook.tolerations | nindent 4 }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.hook.resources }}
resources:
{{- toYaml . | nindent 4 }}
{{- end }}
volumes:
{{- toYaml .Values.hook.extraVolumes | nindent 4 }}
volumeMounts:
{{- toYaml .Values.hook.extraVolumeMounts | nindent 4 }}