webhook

Webhook component providing API validation, mutation and conversion functionality for cert-manager (canary) ()

Usage:
  webhook [flags]

Flags:
      --add-dir-header                               If true, adds the file directory to the header of the log messages
      --alsologtostderr                              log to standard error as well as files (no effect when -logtostderr=true)
      --api-server-host string                       Optional apiserver host address to connect to. If not specified, autoconfiguration will be attempted.
      --config string                                Path to a file containing a WebhookConfiguration object used to configure the webhook
      --dynamic-serving-ca-secret-name string        name of the secret used to store the CA that signs serving certificates certificates
      --dynamic-serving-ca-secret-namespace string   namespace of the secret used to store the CA that signs serving certificates
      --dynamic-serving-dns-names strings            DNS names that should be present on certificates generated by the dynamic serving CA
      --enable-profiling                             Enable profiling for webhook.
      --feature-gates mapStringBool                  A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
                AdditionalCertificateOutputFormats=true|false (ALPHA - default=false)
                AllAlpha=true|false (ALPHA - default=false)
                AllBeta=true|false (BETA - default=false)
                ExperimentalCertificateSigningRequestControllers=true|false (ALPHA - default=false)
                ExperimentalGatewayAPISupport=true|false (ALPHA - default=false)
                LiteralCertificateSubject=true|false (ALPHA - default=false)
                ServerSideApply=true|false (ALPHA - default=false)
                StableCertificateRequestName=true|false (ALPHA - default=false)
                ValidateCAA=true|false (ALPHA - default=false)
      --healthz-port int                             port number to listen on for insecure healthz connections (default 6080)
  -h, --help                                         help for webhook
      --kubeconfig string                            optional path to the kubeconfig used to connect to the apiserver. If not specified, in-cluster-config will be used
      --log-backtrace-at traceLocation               when logging hits line file:N, emit a stack trace (default :0)
      --log-dir string                               If non-empty, write log files in this directory (no effect when -logtostderr=true)
      --log-file string                              If non-empty, use this log file (no effect when -logtostderr=true)
      --log-file-max-size uint                       Defines the maximum size a log file can grow to (no effect when -logtostderr=true). Unit is megabytes. If the value is 0, the maximum file size is unlimited. (default 1800)
      --logtostderr                                  log to standard error instead of files (default true)
      --one-output                                   If true, only write logs to their native severity level (vs also writing to each lower severity level; no effect when -logtostderr=true)
      --profiler-address string                      Address of the Go profiler (pprof). This should never be exposed on a public interface. If this flag is not set, the profiler is not run. (default "localhost:6060")
      --secure-port int                              port number to listen on for secure TLS connections (default 6443)
      --skip-headers                                 If true, avoid header prefixes in the log messages
      --skip-log-headers                             If true, avoid headers when opening log files (no effect when -logtostderr=true)
      --stderrthreshold severity                     logs at or above this threshold go to stderr when writing to files and stderr (no effect when -logtostderr=true or -alsologtostderr=false) (default 2)
      --tls-cert-file string                         path to the file containing the TLS certificate to serve with
      --tls-cipher-suites strings                    Comma-separated list of cipher suites for the server. If omitted, the default Go cipher suites will be use.  Possible values: TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_CHACHA20_POLY1305_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_RC4_128_SHA
      --tls-min-version string                       Minimum TLS version supported. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
      --tls-private-key-file string                  path to the file containing the TLS private key to serve with
  -v, --v Level                                      number for the log level verbosity
      --vmodule moduleSpec                           comma-separated list of pattern=N settings for file-filtered logging