apiVersion: apps/v1
kind: Deployment
metadata:
  name: sidecar-injector-webhook-deployment
  labels:
    app: sidecar-injector
spec:
  replicas: 1
  selector:
    matchLabels:
      app: sidecar-injector
  template:
    metadata:
      labels:
        app: sidecar-injector
    spec:
      containers:
        - name: sidecar-injector
          image: ${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com/sidecar-injector:v20220126-b326755-dirty
          imagePullPolicy: IfNotPresent
          args:
          - -sidecarCfgFile=/etc/webhook/config/sidecarconfig.yaml
          - -tlsCertFile=/etc/webhook/certs/cert.pem
          - -tlsKeyFile=/etc/webhook/certs/key.pem
          - -alsologtostderr
          - -v=4
          - 2>&1
          volumeMounts:
          - name: webhook-certs
            mountPath: /etc/webhook/certs
            readOnly: true
          - name: webhook-config
            mountPath: /etc/webhook/config
      volumes:
      - name: webhook-certs
        secret:
          secretName: sidecar-injector-webhook-certs
      - name: webhook-config
        configMap:
          name: sidecar-injector-webhook-configmap