Parametrize delete operations and timeout for webhook in helm chart #1051
Conversation
jonnylangefeld
force-pushed
the
jlf/parametrize-webhook
branch
from
e598302
to
8eea2b7
Compare
|
Thanks for the PR @jonnylangefeld Please update the yamls in the manifest_staging/ folder, where we host the staging charts and deployment yamls. All the yaml changes will then be promoted into the released charts folder with the next release. Please also add the new configurable values to the configuration table. |
jonnylangefeld
force-pushed
the
jlf/parametrize-webhook
branch
3 times, most recently
from
93a81f7
to
34dec8e
Compare
Codecov Report
@@ Coverage Diff @@
## master #1051 +/- ##
==========================================
- Coverage 47.66% 47.50% -0.17%
==========================================
Files 62 62
Lines 4225 4225
==========================================
- Hits 2014 2007 -7
- Misses 1956 1960 +4
- Partials 255 258 +3
Flags with carried forward coverage won't be shown. Click here to find out more.
Continue to review full report at Codecov.
|
|
@ritazh thanks for the review, I added the things you asked for. |
charts/gatekeeper/README.md
Outdated
| | disableValidatingWebhook | Disable ValidatingWebhook | `false` | | ||
| | disableValidatingWebhook | Disable the validating webhook | `false` | | ||
| | validatingWebhookTimeoutSeconds | The timeout for the validating webhook in seconds | `3` | | ||
| | enableDeleteOperations | Enable validating webhook for delete operations | `false` | |
There was a problem hiding this comment.
this change should only be in manifest_staging
README.md
Outdated
| @@ -475,6 +475,8 @@ Note: For admission webhooks registered for DELETE operations, use Kubernetes v1 | |||
| - DELETE | |||
| ``` | |||
|
|
|||
| If you use the helm chart, set `enableDeleteOperations=true`. | |||
There was a problem hiding this comment.
We should update readme after release is cut
There was a problem hiding this comment.
will that happen automatically based on the readme in staging_docs?
| @@ -31,10 +31,13 @@ webhooks: | |||
| operations: | |||
| - CREATE | |||
| - UPDATE | |||
| {{- if .Values.enableDeleteOperations }} | |||
There was a problem hiding this comment.
same here, you can revert any changes in charts
There was a problem hiding this comment.
Even though I don't fully understand (isn't there a discrepancy now between the chart in charts and in manifest_staging?), I have reverted all changes in charts.
There was a problem hiding this comment.
when we cut a new release, everything existing in charts is wiped and manifest_staging/charts gets promoted to charts.
jonnylangefeld
force-pushed
the
jlf/parametrize-webhook
branch
from
d4fa053
to
a2488d4
Compare
The readme mentions how to [enable delete operations](https://github.com/open-policy-agent/gatekeeper\#enable-delete-operations) by saying you should modify the yaml for the ValidatingWebhookConfiguration. However, there is no way to do this in the helm chart withough using your own fork. This fix allows to overwrite the value if you use the helm chart as a dependency. Additionally the webhook timeout was parametrized because in our organization we actually have a few clusters with slower response times. Both changes are not breaking any existing integrations, they just allow to overwrite default values Signed-off-by: Jonny Langefeld <jonny.langefeld@gmail.com>
Signed-off-by: Jonny Langefeld <jonny.langefeld@gmail.com>
Signed-off-by: Jonny Langefeld <jonny.langefeld@gmail.com>
jonnylangefeld
force-pushed
the
jlf/parametrize-webhook
branch
from
caabd36
to
a8517c9
Compare
The readme mentions how to enable delete operations by saying you should modify the yaml for the ValidatingWebhookConfiguration. However, there is no way to do this in the helm chart withough using your own fork.
This fix allows to overwrite the value if you use the helm chart as a dependency.
Additionally the webhook timeout was parametrized because in our organization we actually have a few clusters with slower response times.
Both changes are not breaking any existing integrations, they just allow to overwrite default values