diff --git a/stable/aws-load-balancer-controller/README.md b/stable/aws-load-balancer-controller/README.md index 0cbe3f3f9..1e06bc872 100644 --- a/stable/aws-load-balancer-controller/README.md +++ b/stable/aws-load-balancer-controller/README.md @@ -228,6 +228,7 @@ The default values set by the application itself can be confirmed [here](https:/ | `webhookTLS.cert` | TLS certificate for webhook (auto-generated if not provided) | "" | | `webhookTLS.key` | TLS private key for webhook (auto-generated if not provided) | "" | | `webhookNamespaceSelectors` | Namespace selectors for the wekbook | None | +| `webhookAnnotations` | Annotations to be added to webhook configurations resource | `{}` | | `keepTLSSecret` | Reuse existing TLS Secret during chart upgrade | `true` | | `serviceAnnotations` | Annotations to be added to the provisioned webhook service resource | `{}` | | `serviceMaxConcurrentReconciles` | Maximum number of concurrently running reconcile loops for service | None | diff --git a/stable/aws-load-balancer-controller/templates/webhook.yaml b/stable/aws-load-balancer-controller/templates/webhook.yaml index 666770d0d..5a02e38dd 100644 --- a/stable/aws-load-balancer-controller/templates/webhook.yaml +++ b/stable/aws-load-balancer-controller/templates/webhook.yaml @@ -3,9 +3,14 @@ apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration metadata: -{{- if $.Values.enableCertManager }} +{{- if or $.Values.enableCertManager $.Values.webhookAnnotations }} annotations: + {{- if $.Values.webhookAnnotations }} + {{- toYaml $.Values.webhookAnnotations | nindent 4}} + {{- end }} + {{- if $.Values.enableCertManager }} cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ template "aws-load-balancer-controller.namePrefix" . }}-serving-cert + {{- end }} {{- end }} name: {{ include "aws-load-balancer-controller.namePrefix" . }}-webhook labels: @@ -121,9 +126,14 @@ webhooks: apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: -{{- if $.Values.enableCertManager }} +{{- if or $.Values.enableCertManager $.Values.webhookAnnotations }} annotations: + {{- if $.Values.webhookAnnotations }} + {{- toYaml $.Values.webhookAnnotations | nindent 4}} + {{- end }} + {{- if $.Values.enableCertManager }} cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ template "aws-load-balancer-controller.namePrefix" . }}-serving-cert + {{- end }} {{- end }} name: {{ include "aws-load-balancer-controller.namePrefix" . }}-webhook labels: diff --git a/stable/aws-load-balancer-controller/values.yaml b/stable/aws-load-balancer-controller/values.yaml index 1c3ce8bce..3a32e6500 100644 --- a/stable/aws-load-balancer-controller/values.yaml +++ b/stable/aws-load-balancer-controller/values.yaml @@ -99,6 +99,9 @@ updateStrategy: {} # maxSurge: 1 # maxUnavailable: 1 +# webhookAnnotations contains annotations to be added to webhooks. +webhookAnnotations: {} + # serviceAnnotations contains annotations to be added to the provisioned webhook service resource serviceAnnotations: {}