github/kubevela
1
0
Fork 0
mirror of https://github.com/kubevela/kubevela.git synced 2026-02-14 10:00:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
d064d3dbd211ef6c309c45657fde3434bb368e83
kubevela/charts/vela-core/templates/admission-webhooks/mutatingWebhookConfiguration.yaml
Chaitanyareddy0702 d064d3dbd2
Some checks failed
Webhook Upgrade Validation / webhook-upgrade-check (push) Failing after 23s
Feat: Add configurable timeout for admission webhooks (#6977) 
* Feat: Add configurable timeout for admission webhooks

Signed-off-by: Amit Singh <singhamitch@outlook.com>
Signed-off-by: Chaitanyareddy0702 <chaitanyareddy0702@gmail.com>

* Feat: Update admission webhook timeout configuration to use admissionWebhookTimeout variable

Signed-off-by: Amit Singh <singhamitch@outlook.com>
Signed-off-by: Chaitanyareddy0702 <chaitanyareddy0702@gmail.com>

* Feat: Add admission webhook timeout parameter to README

Signed-off-by: Amit Singh <singhamitch@outlook.com>
Signed-off-by: Chaitanyareddy0702 <chaitanyareddy0702@gmail.com>

* removed period in readme to run pipelines

Signed-off-by: Vaibhav Agrawal <vaibhav.agrawal0096@gmail.com>
Signed-off-by: Chaitanyareddy0702 <chaitanyareddy0702@gmail.com>

---------

Signed-off-by: Amit Singh <singhamitch@outlook.com>
Signed-off-by: Chaitanyareddy0702 <chaitanyareddy0702@gmail.com>
Signed-off-by: Vaibhav Agrawal <vaibhav.agrawal0096@gmail.com>
2025-11-13 11:43:35 +08:00

78 lines
2.6 KiB
YAML
Raw Blame History

{{- if .Values.admissionWebhooks.enabled -}}
{{- /* Preserve existing caBundle on upgrade to avoid breaking admission if hooks fail. */}}
{{- $mName := printf "%s-admission" (include "kubevela.fullname" .) -}}
{{- $existing := (lookup "admissionregistration.k8s.io/v1" "MutatingWebhookConfiguration" "" $mName) -}}
{{- $vals := dict "apps" "" "comps" "" -}}
{{- if $existing -}}
{{- range $existing.webhooks -}}
{{- if eq .name "mutating.core.oam.dev.v1beta1.applications" -}}{{- $_ := set $vals "apps" .clientConfig.caBundle -}}{{- end -}}
{{- if eq .name "mutating.core.oam-dev.v1beta1.componentdefinitions" -}}{{- $_ := set $vals "comps" .clientConfig.caBundle -}}{{- end -}}
{{- end -}}
{{- end -}}
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
name: {{ template "kubevela.fullname" . }}-admission
namespace: {{ .Release.Namespace }}
{{- if .Values.admissionWebhooks.certManager.enabled }}
annotations:
cert-manager.io/inject-ca-from: {{ printf "%s/%s-root-cert" .Release.Namespace (include "kubevela.fullname" .) | quote }}
{{- end }}
webhooks:
- clientConfig:
caBundle: {{ default "Cg==" (get $vals "apps") }}
service:
name: {{ template "kubevela.name" . }}-webhook
namespace: {{ .Release.Namespace }}
path: /mutating-core-oam-dev-v1beta1-applications
{{- if .Values.admissionWebhooks.patch.enabled }}
failurePolicy: Ignore
{{- else }}
failurePolicy: Fail
{{- end }}
name: mutating.core.oam.dev.v1beta1.applications
admissionReviewVersions:
- v1beta1
- v1
sideEffects: None
rules:
- apiGroups:
- core.oam.dev
apiVersions:
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- applications
timeoutSeconds: {{ .Values.admissionWebhookTimeout }}
- clientConfig:
caBundle: {{ default "Cg==" (get $vals "comps") }}
service:
name: {{ template "kubevela.name" . }}-webhook
namespace: {{ .Release.Namespace }}
path: /mutating-core-oam-dev-v1beta1-componentdefinitions
{{- if .Values.admissionWebhooks.patch.enabled }}
failurePolicy: Ignore
{{- else }}
failurePolicy: Fail
{{- end }}
name: mutating.core.oam-dev.v1beta1.componentdefinitions
sideEffects: None
admissionReviewVersions:
- v1beta1
- v1
rules:
- apiGroups:
- core.oam.dev
apiVersions:
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- componentdefinitions
timeoutSeconds: {{ .Values.admissionWebhookTimeout }}
{{- end -}}
Reference in New Issue View Git Blame Copy Permalink