From cebf512022a929a6a6e03266275f9e69be56efcf Mon Sep 17 00:00:00 2001
From: mochizuki875 <mzk875@gmail.com>
Date: Wed, 12 Jun 2024 04:38:32 +0000
Subject: [PATCH] add ingress controller admission svc

---
 .../ingress_nginx/tasks/main.yml               |  1 +
 ...c-ingress-nginx-controller-admission.yml.j2 | 18 ++++++++++++++++++
 2 files changed, 19 insertions(+)
 create mode 100644 roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/svc-ingress-nginx-controller-admission.yml.j2

diff --git a/roles/kubernetes-apps/ingress_controller/ingress_nginx/tasks/main.yml b/roles/kubernetes-apps/ingress_controller/ingress_nginx/tasks/main.yml
index ac64c82427d..518094af753 100644
--- a/roles/kubernetes-apps/ingress_controller/ingress_nginx/tasks/main.yml
+++ b/roles/kubernetes-apps/ingress_controller/ingress_nginx/tasks/main.yml
@@ -34,6 +34,7 @@
       - { name: role-admission-webhook, file: role-admission-webhook.yml, type: role }
       - { name: rolebinding-admission-webhook, file: rolebinding-admission-webhook.yml, type: rolebinding }
       - { name: admission-webhook-job, file: admission-webhook-job.yml, type: job }
+      - { name: svc-ingress-nginx-controller-admission, file: svc-ingress-nginx-controller-admission.yml, type: svc }
 
 - name: NGINX Ingress Controller | Append extra templates to NGINX Ingress Template list for service
   set_fact:
diff --git a/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/svc-ingress-nginx-controller-admission.yml.j2 b/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/svc-ingress-nginx-controller-admission.yml.j2
new file mode 100644
index 00000000000..e22c8e51cbe
--- /dev/null
+++ b/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/svc-ingress-nginx-controller-admission.yml.j2
@@ -0,0 +1,18 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/name: ingress-nginx
+    app.kubernetes.io/part-of: ingress-nginx
+  name: ingress-nginx-controller-admission
+  namespace: {{ ingress_nginx_namespace }}
+spec:
+  type: ClusterIP
+  ports:
+  - appProtocol: https
+    name: https-webhook
+    port: 443
+    targetPort: webhook
+  selector:
+    app.kubernetes.io/name: ingress-nginx
+    app.kubernetes.io/part-of: ingress-nginx