feat(admission-controller): simplify CA and certificate options

charts/admission-controller/README.md

@@ -143,10 +143,7 @@ The following table lists the configurable parameters of the `admission-controll
 | webhook.dryRun                                     | Dry Run request                                                                                                                                                                                                                                                                                                                                                                                                                                                     | <code>false</code>                                                                                                                                                                                 |
 | webhook.logLevel                                   | Log Level - Valid Values are: error, info, debug, trace                                                                                                                                                                                                                                                                                                                                                                                                             | <code>info</code>                                                                                                                                                                                  |
 | webhook.ssl.reuseTLSSecret                         | Reuse existing TLS Secret during chart upgrade                                                                                                                                                                                                                                                                                                                                                                                                                      | <code>false</code>                                                                                                                                                                                 |
-| webhook.ssl.ca.cert                                | For outbound connections (secure backend, proxy,...) <br/>And inbound connections to serve HttpRequests as Kubernetes Webhook. <br/>A PEM-encoded x509 certificate authority. <br/>If empty, a new CA will be autogenerated.                                                                                                                                                                                                                                        | <code>""</code>                                                                                                                                                                                    |
-| webhook.ssl.ca.key                                 | For outbound connections (secure backend, proxy,...) <br/>A PEM-encoded private key of the certificate authority to use in the certificate generation. <br/>If empty, a new CA will be autogenerated.                                                                                                                                                                                                                                                               | <code>""</code>                                                                                                                                                                                    |
-| webhook.ssl.cert                                   | For inbound connections to serve HttpRequests as Kubernetes Webhook. <br/>A PEM-encoded x509 certificate signed by the CA. <br/>If empty, a new cert will be generated. <br/>If provided, it must be valid with the `webhook.ssl.ca`. <br/>If this is set, the key must also be provided.                                                                                                                                                                           | <code>""</code>                                                                                                                                                                                    |
-| webhook.ssl.key                                    | For inbound connections to serve HttpRequests as Kubernetes Webhook. <br/>A PEM-encoded private key signed by the CA. <br/>If empty, a new key will be generated. <br/>If provided, it must be valid with the `webhook.ssl.ca`. <br/>If this is set, the cert must also be provided.                                                                                                                                                                                | <code>""</code>                                                                                                                                                                                    |
+| webhook.ssl.ca.cert                                | For outbound connections (secure backend, proxy,...) <br/>A PEM-encoded x509 certificate authority.                                                                                                                                                                                                                                                                                                                                                                 | <code>""</code>                                                                                                                                                                                    |
 | webhook.customEntryPoint                           | Custom entrypoint for the webhook <br/>Remember to provide the webhook valid arguments with `--tls_cert_file` and `--tls_private_key_file`. <br/>default: /bin/webhook --tls_cert_file /cert/tls.crt --tls_private_key_file /cert/tls.key                                                                                                                                                                                                                           | <code>[]</code>                                                                                                                                                                                    |
 | webhook.http.port                                  | HTTP serve port where the requests will be served from                                                                                                                                                                                                                                                                                                                                                                                                              | <code>5000</code>                                                                                                                                                                                  |
 | scc.create                                         | Enable the creation of Security Context Constraints in Openshift                                                                                                                                                                                                                                                                                                                                                                                                    | <code>true</code>                                                                                                                                                                                  |
@@ -176,7 +173,7 @@ The following table lists the configurable parameters of the `admission-controll
 | scanner.priorityClassName                          | priorityClassName config for the scanner                                                                                                                                                                                                                                                                                                                                                                                                                            | <code></code>                                                                                                                                                                                      |
 | scanner.tolerations                                | Tolerations for scheduling for the scanner                                                                                                                                                                                                                                                                                                                                                                                                                          | <code>[]</code>                                                                                                                                                                                    |
 | scanner.affinity                                   | Configure affinity rules for the scanner                                                                                                                                                                                                                                                                                                                                                                                                                            | <code>{}</code>                                                                                                                                                                                    |
-| scanner.ssl.ca.cert                                | For outbound connections (secure backend, proxy,...). <br/>A PEM-encoded x509 certificate authority. <br/>If empty, a new CA will be autogenerated.                                                                                                                                                                                                                                                                                                                 | <code>""</code>                                                                                                                                                                                    |
+| scanner.ssl.ca.cert                                | For outbound connections (secure backend, proxy,...). <br/>A PEM-encoded x509 certificate authority.                                                                                                                                                                                                                                                                                                                                                                | <code>""</code>                                                                                                                                                                                    |
 | scanner.customEntryPoint                           | Custom entrypoint for the scanner. <br/>Remember to provide the scanner valid arguments with `--server_port` and optionally `--auth_secure_token` <br/>default: /inline-scan-service --server_port=8080                                                                                                                                                                                                                                                             | <code>[]</code>                                                                                                                                                                                    |