Ana Sayfa Keşfet Yardım
Giriş Yap
logic855
/
helm-external-secrets
şunun yansıması https://github.com/external-secrets/external-secrets
1
0
Çatalla 0
Dosyalar Sorunlar 0 Wiki
Kaynağa Gözat

Add Helm chart value that disables webhook secret creation (#2721)

Signed-off-by: Leonardo M. Miranda <leonardomichalskim@gmail.com>
Leonardo M. Miranda 2 yıl önce
ebeveyn
a9ed6011bb
işleme
d47a396ad2
4 değiştirilmiş dosya ile 16 ekleme ve 1 silme
Görünümü Böl Farklılık Durumunu Göster
  1. 1 0
      deploy/charts/external-secrets/README.md
  2. 1 1
      deploy/charts/external-secrets/templates/webhook-secret.yaml
  3. 10 0
      deploy/charts/external-secrets/tests/webhook_test.yaml
  4. 4 0
      deploy/charts/external-secrets/values.yaml

+ 1 - 0
deploy/charts/external-secrets/README.md
Dosyayı Görüntüle 

@@ -151,6 +151,7 @@ The command removes all the Kubernetes components associated with the chart and
 
 | webhook.affinity | object | `{}` |  |
 
 | webhook.certCheckInterval | string | `"5m"` | Specifices the time to check if the cert is valid |
 
 | webhook.certSecretNameOverride | string | `""` | If its value is different from the default one, it overrides the name of the secret resource where the webhook certificates are stored. |
 
+| webhook.createWebhookSecret | bool | `true` | Whether to create the webhook secret resource (doesn't interfere with `webhook.certManager.cert.create`). |
 
 | webhook.certDir | string | `"/tmp/certs"` |  |
 
 | webhook.certManager.addInjectorAnnotations | bool | `true` | Automatically add the cert-manager.io/inject-ca-from annotation to the webhooks and CRDs. As long as you have the cert-manager CA Injector enabled, this will automatically setup your webhook's CA to the one used by cert-manager. See https://cert-manager.io/docs/concepts/ca-injector |
 
 | webhook.certManager.cert.annotations | object | `{}` | Add extra annotations to the Certificate resource. |

+ 1 - 1
deploy/charts/external-secrets/templates/webhook-secret.yaml
Dosyayı Görüntüle 

@@ -1,4 +1,4 @@
 
-{{- if and .Values.webhook.create (not .Values.webhook.certManager.enabled) }}
 
+{{- if and .Values.webhook.create (not .Values.webhook.certManager.enabled) .Values.webhook.createWebhookSecret }}
 
 apiVersion: v1
 
 kind: Secret
 
 metadata:

+ 10 - 0
deploy/charts/external-secrets/tests/webhook_test.yaml
Dosyayı Görüntüle 

@@ -113,6 +113,16 @@ tests:
 
     templates:
 
       - webhook-secret.yaml
 
       - webhook-certificate.yaml
 
+  - it: also should not create the secret nor the certificate
 
+    set:
 
+      webhook.certManager.enabled: false
 
+      webhook.createWebhookSecret: false
 
+    asserts:
 
+      - hasDocuments:
 
+          count: 0
 
+    templates:
 
+      - webhook-secret.yaml
 
+      - webhook-certificate.yaml
 
   - it: should
 
     set:
 
       webhook.certManager.enabled: true

+ 4 - 0
deploy/charts/external-secrets/values.yaml
Dosyayı Görüntüle 

@@ -223,6 +223,10 @@ webhook:
 
   # stored.
 
   certSecretNameOverride: ""
 
 
+  # -- Whether to create the webhook secret resource (doesn't interfere with
 
+  # webhook.certManager.cert.create).
 
+  createWebhookSecret: true
 
+
 
   certDir: /tmp/certs
 
   # -- Specifies whether validating webhooks should be created with failurePolicy: Fail or Ignore
 
   failurePolicy: Fail