From bb907d4801384a2f9f64c5241698ac579f6eb7e7 Mon Sep 17 00:00:00 2001 From: Ankur Gupta Date: Sat, 18 May 2024 16:55:32 +0530 Subject: [PATCH 1/2] Add webhook annotations --- stable/aws-load-balancer-controller/README.md | 1 + .../templates/webhook.yaml | 14 ++++++++++++-- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/stable/aws-load-balancer-controller/README.md b/stable/aws-load-balancer-controller/README.md index 0cbe3f3f9..1e06bc872 100644 --- a/stable/aws-load-balancer-controller/README.md +++ b/stable/aws-load-balancer-controller/README.md @@ -228,6 +228,7 @@ The default values set by the application itself can be confirmed [here](https:/ | `webhookTLS.cert` | TLS certificate for webhook (auto-generated if not provided) | "" | | `webhookTLS.key` | TLS private key for webhook (auto-generated if not provided) | "" | | `webhookNamespaceSelectors` | Namespace selectors for the wekbook | None | +| `webhookAnnotations` | Annotations to be added to webhook configurations resource | `{}` | | `keepTLSSecret` | Reuse existing TLS Secret during chart upgrade | `true` | | `serviceAnnotations` | Annotations to be added to the provisioned webhook service resource | `{}` | | `serviceMaxConcurrentReconciles` | Maximum number of concurrently running reconcile loops for service | None | diff --git a/stable/aws-load-balancer-controller/templates/webhook.yaml b/stable/aws-load-balancer-controller/templates/webhook.yaml index 666770d0d..5a02e38dd 100644 --- a/stable/aws-load-balancer-controller/templates/webhook.yaml +++ b/stable/aws-load-balancer-controller/templates/webhook.yaml @@ -3,9 +3,14 @@ apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration metadata: -{{- if $.Values.enableCertManager }} +{{- if or $.Values.enableCertManager $.Values.webhookAnnotations }} annotations: + {{- if $.Values.webhookAnnotations }} + {{- toYaml $.Values.webhookAnnotations | nindent 4}} + {{- end }} + {{- if $.Values.enableCertManager }} cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ template "aws-load-balancer-controller.namePrefix" . }}-serving-cert + {{- end }} {{- end }} name: {{ include "aws-load-balancer-controller.namePrefix" . }}-webhook labels: @@ -121,9 +126,14 @@ webhooks: apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: -{{- if $.Values.enableCertManager }} +{{- if or $.Values.enableCertManager $.Values.webhookAnnotations }} annotations: + {{- if $.Values.webhookAnnotations }} + {{- toYaml $.Values.webhookAnnotations | nindent 4}} + {{- end }} + {{- if $.Values.enableCertManager }} cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ template "aws-load-balancer-controller.namePrefix" . }}-serving-cert + {{- end }} {{- end }} name: {{ include "aws-load-balancer-controller.namePrefix" . }}-webhook labels: From 25aa43289e5a6d29f2b895ed0cb37d8ece8cb4c3 Mon Sep 17 00:00:00 2001 From: Ankur Gupta Date: Sat, 18 May 2024 17:02:01 +0530 Subject: [PATCH 2/2] Add webhook annotations --- stable/aws-load-balancer-controller/values.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/stable/aws-load-balancer-controller/values.yaml b/stable/aws-load-balancer-controller/values.yaml index 1c3ce8bce..3a32e6500 100644 --- a/stable/aws-load-balancer-controller/values.yaml +++ b/stable/aws-load-balancer-controller/values.yaml @@ -99,6 +99,9 @@ updateStrategy: {} # maxSurge: 1 # maxUnavailable: 1 +# webhookAnnotations contains annotations to be added to webhooks. +webhookAnnotations: {} + # serviceAnnotations contains annotations to be added to the provisioned webhook service resource serviceAnnotations: {}