From 74b246b07c00c8f72e9158cf597a7c82363f6d20 Mon Sep 17 00:00:00 2001
From: Qiming Teng
Date: Sat, 14 Sep 2024 13:47:27 +0800
Subject: [PATCH] [zh] Drop an example file which is not referenced
---
...ebhook-configuration-match-conditions.yaml | 49 -------------------
1 file changed, 49 deletions(-)
delete mode 100644 content/zh-cn/examples/access/validating-webhook-configuration-match-conditions.yaml
diff --git a/content/zh-cn/examples/access/validating-webhook-configuration-match-conditions.yaml b/content/zh-cn/examples/access/validating-webhook-configuration-match-conditions.yaml
deleted file mode 100644
index 2465f93a3a..0000000000
--- a/content/zh-cn/examples/access/validating-webhook-configuration-match-conditions.yaml
+++ /dev/null
@@ -1,49 +0,0 @@
-apiVersion: admissionregistration.k8s.io/v1
-kind: ValidatingWebhookConfiguration
-webhooks:
- - name: my-webhook.example.com
- matchPolicy: Equivalent
- rules:
- - operations: ['CREATE','UPDATE']
- apiGroups: ['*']
- apiVersions: ['*']
- resources: ['*']
- failurePolicy: 'Ignore' # 打开失败(可选)
- sideEffects: None
- clientConfig:
- service:
- namespace: my-namespace
- name: my-webhook
- caBundle: ''
- # 每个 Webhook 最多可以有 64 个 matchConditions
- matchConditions:
- - name: 'exclude-leases' # 每个匹配条件必须有唯一的名称
- expression: '!(request.resource.group == "coordination.k8s.io" && request.resource.resource == "leases")' # 匹配非租约(non-lease)资源
- - name: 'exclude-kubelet-requests'
- expression: '!("system:nodes" in request.userInfo.groups)' # 匹配非节点用户发出的请求
- - name: 'rbac' # 跳过由第二个 Webhook 处理的 RBAC 请求。
- expression: 'request.resource.group != "rbac.authorization.k8s.io"'
-
- # 此示例说明了 `authorizer` 的用法。授权检查比简单表达式成本更高,
- # 因此在本示例中,通过使用第二个 Webhook 将其范围限制为仅 RBAC 请求。
- # 两个 Webhook 可以由同一 endpoint 提供服务。
- - name: rbac.my-webhook.example.com
- matchPolicy: Equivalent
- rules:
- - operations: ['CREATE','UPDATE']
- apiGroups: ['rbac.authorization.k8s.io']
- apiVersions: ['*']
- resources: ['*']
- failurePolicy: 'Fail' # Fail-closed (the default)
- sideEffects: None
- clientConfig:
- service:
- namespace: my-namespace
- name: my-webhook
- caBundle: ''
- # 每个 webhook 最多可以有 64 个 matchConditions
- matchConditions:
- - name: 'breakglass'
- # 跳过被授权在此 Webhook 上 'breakglass' 的用户发出的请求。
- # 'breakglass' API verb 不需要被排查在该检查之外。
- expression: '!authorizer.group("admissionregistration.k8s.io").resource("validatingwebhookconfigurations").name("my-webhook.example.com").check("breakglass").allowed()'
\ No newline at end of file