diff --git a/charts/external-dns/README.md b/charts/external-dns/README.md index bae1d5f238..8ec4537bae 100644 --- a/charts/external-dns/README.md +++ b/charts/external-dns/README.md @@ -94,7 +94,6 @@ If `namespaced` is set to `true`, please ensure that `sources` my only contains | Key | Type | Default | Description | |-----|------|---------|-------------| | affinity | object | `{}` | Affinity settings for `Pod` [scheduling](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). If an explicit label selector is not provided for pod affinity or pod anti-affinity one will be created from the pod selector labels. | -| annotationFilter | string | `nil` | Filter resources queried for endpoints by annotation selector. | | automountServiceAccountToken | bool | `true` | Set this to `false` to [opt out of API credential automounting](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#opt-out-of-api-credential-automounting) for the `Pod`. | | commonLabels | object | `{}` | Labels to add to all chart resources. | | deploymentAnnotations | object | `{}` | Annotations to add to the `Deployment`. | @@ -131,7 +130,9 @@ If `namespaced` is set to `true`, please ensure that `sources` my only contains | podSecurityContext | object | See _values.yaml_ | [Pod security context](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#podsecuritycontext-v1-core), this supports full customisation. | | policy | string | `"upsert-only"` | How DNS records are synchronized between sources and providers; available values are `create-only`, `sync`, & `upsert-only`. | | priorityClassName | string | `nil` | Priority class name for the `Pod`. | +| provider | object | See _values.yaml_ | Provider configuration | | provider.name | string | `"aws"` | _ExternalDNS_ provider name; for the available providers and how to configure them see [README](https://github.com/kubernetes-sigs/external-dns/blob/master/charts/external-dns/README.md#providers). | +| provider.webhook | object | See _values.yaml_ | Webhook configuration | | provider.webhook.args | list | `[]` | Extra arguments to provide for the `webhook` container. | | provider.webhook.env | list | `[]` | [Environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) for the `webhook` container. | | provider.webhook.extraVolumeMounts | list | `[]` | Extra [volume mounts](https://kubernetes.io/docs/concepts/storage/volumes/) for the `webhook` container. | @@ -139,11 +140,28 @@ If `namespaced` is set to `true`, please ensure that `sources` my only contains | provider.webhook.image.repository | string | `nil` | Image repository for the `webhook` container. | | provider.webhook.image.tag | string | `nil` | Image tag for the `webhook` container. | | provider.webhook.livenessProbe | object | See _values.yaml_ | [Liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) configuration for the `external-dns` container. | +| provider.webhook.readTimeout | integer | `nil` | Webhook read timeout | | provider.webhook.readinessProbe | object | See _values.yaml_ | [Readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) configuration for the `webhook` container. | | provider.webhook.resources | object | `{}` | [Resources](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for the `webhook` container. | | provider.webhook.securityContext | object | See _values.yaml_ | [Pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) for the `webhook` container. | | provider.webhook.service.port | int | `8080` | Webhook exposed HTTP port for the service. | | provider.webhook.serviceMonitor | object | See _values.yaml_ | Optional [Service Monitor](https://prometheus-operator.dev/docs/operator/design/#servicemonitor) configuration for the `webhook` container. | +| provider.webhook.sidecar | object | See _values.yaml_ | Webhook sidecar container configuration | +| provider.webhook.sidecar.args | list | `[]` | Extra arguments to provide for the `webhook` container. | +| provider.webhook.sidecar.enabled | boolean | `false` | Whether or not to include a webhook sidecar in the external dns deployment | +| provider.webhook.sidecar.env | list | `[]` | [Environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) for the `webhook` container. | +| provider.webhook.sidecar.extraVolumeMounts | list | `[]` | Extra [volume mounts](https://kubernetes.io/docs/concepts/storage/volumes/) for the `webhook` container. | +| provider.webhook.sidecar.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy for the `webhook` container. | +| provider.webhook.sidecar.image.repository | string | `nil` | Image repository for the `webhook` container. | +| provider.webhook.sidecar.image.tag | string | `nil` | Image tag for the `webhook` container. | +| provider.webhook.sidecar.livenessProbe | object | See _values.yaml_ | [Liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) configuration for the `external-dns` container. | +| provider.webhook.sidecar.readinessProbe | object | See _values.yaml_ | [Readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) configuration for the `webhook` container. | +| provider.webhook.sidecar.resources | object | `{}` | [Resources](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for the `webhook` container. | +| provider.webhook.sidecar.securityContext | object | See _values.yaml_ | [Pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) for the `webhook` container. | +| provider.webhook.sidecar.service.port | int | `8080` | Webhook exposed HTTP port for the service. | +| provider.webhook.sidecar.serviceMonitor | object | See _values.yaml_ | Optional [Service Monitor](https://prometheus-operator.dev/docs/operator/design/#servicemonitor) configuration for the `webhook` container. | +| provider.webhook.url | string | `nil` | Webhook URL | +| provider.webhook.writeTimeout | integer | `nil` | Webhook write timeout | | rbac.additionalPermissions | list | `[]` | Additional rules to add to the `ClusterRole`. | | rbac.create | bool | `true` | If `true`, create a `ClusterRole` & `ClusterRoleBinding` with access to the Kubernetes API. | | readinessProbe | object | See _values.yaml_ | [Readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) configuration for the `external-dns` container. | diff --git a/charts/external-dns/schema/values.yaml b/charts/external-dns/schema/values.yaml index 3b2f8598fc..0e5fc1f7db 100644 --- a/charts/external-dns/schema/values.yaml +++ b/charts/external-dns/schema/values.yaml @@ -11,6 +11,15 @@ resources: provider: webhook: + sidecar: + requests: + cpu: 200m + memory: 128Mi + limits: + cpu: 300m + memory: 200Mi + + # deprecated: requests: cpu: 200m memory: 128Mi diff --git a/charts/external-dns/templates/deployment.yaml b/charts/external-dns/templates/deployment.yaml index 70f231fb4a..a025b80939 100644 --- a/charts/external-dns/templates/deployment.yaml +++ b/charts/external-dns/templates/deployment.yaml @@ -130,6 +130,17 @@ spec: - --managed-record-types={{ . }} {{- end }} - --provider={{ $providerName }} + {{- if kindIs "map" .Values.provider }} + {{- if .Values.provider.webhook.readTimeout }} + - --webhook-provider-read-timeout={{ .Values.provider.webhook.readTimeout }} + {{- end }} + {{- if .Values.provider.webhook.writeTimeout }} + - --webhook-provider-write-timeout={{ .Values.provider.webhook.writeTimeout }} + {{- end }} + {{- if .Values.provider.webhook.url }} + - --webhook-provider-url={{ .Values.provider.webhook.url }} + {{- end }} + {{- end }} {{- if kindIs "map" .Values.extraArgs }} {{- range $key, $value := .Values.extraArgs }} {{- if not (kindIs "invalid" $value) }} @@ -175,7 +186,44 @@ spec: resources: {{- toYaml . | nindent 12 }} {{- end }} - {{- if eq $providerName "webhook" }} + {{- if eq $providerName "webhook" }} + {{- if and .Values.provider.webhook.sidecar .Values.provider.webhook.sidecar.enabled }} + {{- with .Values.provider.webhook.sidecar }} + - name: webhook + image: {{ include "external-dns.webhookImage" . }} + imagePullPolicy: {{ .image.pullPolicy }} + {{- with .env }} + env: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .args }} + args: + {{- toYaml . | nindent 12 }} + {{- end }} + ports: + - name: http-webhook + protocol: TCP + containerPort: 8080 + livenessProbe: + {{- toYaml .livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .readinessProbe | nindent 12 }} + {{- if .extraVolumeMounts }} + volumeMounts: + {{- with .extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{- end }} + {{- with .resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .securityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- end }} + {{- else if not .Values.provider.webhook.sidecar }} {{- with .Values.provider.webhook }} - name: webhook image: {{ include "external-dns.webhookImage" . }} @@ -212,6 +260,7 @@ spec: {{- end }} {{- end }} {{- end }} + {{- end }} {{- if or .Values.secretConfiguration.enabled .Values.extraVolumes }} volumes: {{- if .Values.secretConfiguration.enabled }} diff --git a/charts/external-dns/templates/service.yaml b/charts/external-dns/templates/service.yaml index e55e2a368a..5812ecaa5d 100644 --- a/charts/external-dns/templates/service.yaml +++ b/charts/external-dns/templates/service.yaml @@ -27,6 +27,14 @@ spec: targetPort: http protocol: TCP {{- if eq $providerName "webhook" }} + {{- if and .Values.provider.webhook.sidecar .Values.provider.webhook.sidecar.enabled }} + {{- with .Values.provider.webhook.sidecar.service }} + - name: http-webhook + port: {{ .port }} + targetPort: http-webhook + protocol: TCP + {{- end }} + {{- else }} {{- with .Values.provider.webhook.service }} - name: http-webhook port: {{ .port }} @@ -34,3 +42,4 @@ spec: protocol: TCP {{- end }} {{- end }} + {{- end }} diff --git a/charts/external-dns/templates/servicemonitor.yaml b/charts/external-dns/templates/servicemonitor.yaml index 004756c7b2..d2abe4ba05 100644 --- a/charts/external-dns/templates/servicemonitor.yaml +++ b/charts/external-dns/templates/servicemonitor.yaml @@ -50,6 +50,36 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} {{- if eq $providerName "webhook" }} + {{- if and .Values.provider.webhook.sidecar .Values.provider.webhook.sidecar.enabled }} + {{- with .Values.provider.webhook.sidecar.serviceMonitor }} + - port: http-webhook + path: /metrics + {{- with .interval }} + interval: {{ . }} + {{- end }} + {{- with .scheme }} + scheme: {{ . }} + {{- end }} + {{- with .bearerTokenFile }} + bearerTokenFile: {{ . }} + {{- end }} + {{- with .tlsConfig }} + tlsConfig: + {{- toYaml .| nindent 8 }} + {{- end }} + {{- with .scrapeTimeout }} + scrapeTimeout: {{ . }} + {{- end }} + {{- with .metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} + {{- else }} {{- with .Values.provider.webhook.serviceMonitor }} - port: http-webhook path: /metrics @@ -79,6 +109,7 @@ spec: {{- end }} {{- end }} {{- end }} + {{- end }} {{- with .Values.serviceMonitor.targetLabels }} targetLabels: {{- toYaml . | nindent 4 }} diff --git a/charts/external-dns/tests/webhook_test.yaml b/charts/external-dns/tests/webhook_test.yaml new file mode 100644 index 0000000000..72999acf31 --- /dev/null +++ b/charts/external-dns/tests/webhook_test.yaml @@ -0,0 +1,89 @@ +suite: Webhook configuration +templates: + - deployment.yaml +release: + namespace: default +tests: + - it: should use the new sidecar values for the webhook container if enabled + set: + provider.name: webhook + provider.webhook.sidecar.enabled: true + provider.webhook.sidecar.image.repository: docker.io/new/webhook-container + provider.webhook.sidecar.image.tag: v0 + asserts: + - equal: + path: spec.template.spec.containers[?(@.name == "webhook")].image + value: docker.io/new/webhook-container:v0 + + - it: should omit the webhook container if new sidecar is disabled + set: + provider.name: webhook + provider.webhook.sidecar.enabled: false + asserts: + - notExists: + path: spec.template.spec.containers[?(@.name == "webhook")] + + - it: should use the deprecated values for the webhook container if new sidecar values are empty + set: + provider.name: webhook + provider.webhook.sidecar: + provider.webhook.image.repository: docker.io/deprecated/webhook-container + provider.webhook.image.tag: v0 + asserts: + - equal: + path: spec.template.spec.containers[?(@.name == "webhook")].image + value: docker.io/deprecated/webhook-container:v0 + + - it: should use the common webhook fields if set and legecy sidecar enabled + set: + provider.name: webhook + provider.webhook.sidecar: + provider.webhook.image.repository: docker.io/deprecated/webhook-container + provider.webhook.image.tag: v1.1.1 + provider.webhook.url: https://webhook:8080 + provider.webhook.readTimeout: 111 + provider.webhook.writeTimeout: 222 + asserts: + - exists : + path: spec.template.spec.containers[?(@.name == "external-dns")] + - equal : + path: spec.template.spec.containers[?(@.name == "external-dns")].args + value: + - --log-level=info + - --log-format=text + - --interval=1m + - --source=service + - --source=ingress + - --policy=upsert-only + - --registry=txt + - --provider=webhook + - --webhook-provider-read-timeout=111 + - --webhook-provider-write-timeout=222 + - --webhook-provider-url=https://webhook:8080 + + - it: should use the common webhook fields if set and new sidecar enabled + set: + provider.name: webhook + provider.webhook.sidecar.enabled: true + provider.webhook.sidecar.image.repository: docker.io/new/webhook-container + provider.webhook.sidecar.image.tag: v0 + provider.webhook.url: https://webhook:8888 + provider.webhook.readTimeout: 222 + provider.webhook.writeTimeout: 333 + asserts: + - exists : + path: spec.template.spec.containers[?(@.name == "external-dns")] + - equal : + path: spec.template.spec.containers[?(@.name == "external-dns")].args + value: + - --log-level=info + - --log-format=text + - --interval=1m + - --source=service + - --source=ingress + - --policy=upsert-only + - --registry=txt + - --provider=webhook + - --webhook-provider-read-timeout=222 + - --webhook-provider-write-timeout=333 + - --webhook-provider-url=https://webhook:8888 diff --git a/charts/external-dns/values.schema.json b/charts/external-dns/values.schema.json index 22bfef2ab5..fed0133e5f 100644 --- a/charts/external-dns/values.schema.json +++ b/charts/external-dns/values.schema.json @@ -6,13 +6,6 @@ "description": "Affinity settings for `Pod` [scheduling](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). If an explicit label selector is not provided for pod affinity or pod anti-affinity one will be created from the pod selector labels.", "type": "object" }, - "annotationFilter": { - "description": "Filter resources queried for endpoints by annotation selector.", - "type": [ - "string", - "null" - ] - }, "automountServiceAccountToken": { "description": "Set this to `false` to [opt out of API credential automounting](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#opt-out-of-api-credential-automounting) for the `Pod`.", "type": "boolean" @@ -296,6 +289,7 @@ ] }, "provider": { + "description": "Provider configuration", "type": [ "object", "string" @@ -303,10 +297,17 @@ "properties": { "name": { "description": "_ExternalDNS_ provider name; for the available providers and how to configure them see [README](https://github.com/kubernetes-sigs/external-dns/blob/master/charts/external-dns/README.md#providers).", - "type": "string" + "type": [ + "string", + "null" + ] }, "webhook": { - "type": "object", + "description": "Webhook configuration", + "type": [ + "object", + "null" + ], "properties": { "args": { "description": "Extra arguments to provide for the `webhook` container.", @@ -408,6 +409,13 @@ } } }, + "readTimeout": { + "description": "Webhook read timeout", + "type": [ + "integer", + "null" + ] + }, "readinessProbe": { "description": "[Readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) configuration for the `webhook` container.", "type": "object", @@ -516,6 +524,242 @@ "type": "object" } } + }, + "sidecar": { + "description": "Webhook sidecar container configuration", + "type": [ + "object", + "null" + ], + "properties": { + "args": { + "description": "Extra arguments to provide for the `webhook` container.", + "type": "array" + }, + "enabled": { + "description": "Whether or not to include a webhook sidecar in the external dns deployment", + "type": "boolean" + }, + "env": { + "description": "[Environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) for the `webhook` container.", + "type": "array" + }, + "extraVolumeMounts": { + "description": "Extra [volume mounts](https://kubernetes.io/docs/concepts/storage/volumes/) for the `webhook` container.", + "type": "array" + }, + "image": { + "type": "object", + "properties": { + "pullPolicy": { + "description": "Image pull policy for the `webhook` container.", + "type": "string" + }, + "repository": { + "description": "Image repository for the `webhook` container.", + "type": [ + "string", + "null" + ] + }, + "tag": { + "description": "Image tag for the `webhook` container.", + "type": [ + "string", + "null" + ] + } + } + }, + "limits": { + "type": "object", + "properties": { + "cpu": { + "type": "string" + }, + "memory": { + "type": "string" + } + } + }, + "livenessProbe": { + "description": "[Liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) configuration for the `external-dns` container.", + "type": "object", + "properties": { + "failureThreshold": { + "type": [ + "integer", + "null" + ] + }, + "httpGet": { + "type": "object", + "properties": { + "path": { + "type": [ + "string", + "null" + ] + }, + "port": { + "default": "string", + "type": [ + "integer", + "string" + ] + } + } + }, + "initialDelaySeconds": { + "type": [ + "integer", + "null" + ] + }, + "periodSeconds": { + "type": [ + "integer", + "null" + ] + }, + "successThreshold": { + "type": [ + "integer", + "null" + ] + }, + "timeoutSeconds": { + "type": [ + "integer", + "null" + ] + } + } + }, + "readinessProbe": { + "description": "[Readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) configuration for the `webhook` container.", + "type": "object", + "properties": { + "failureThreshold": { + "type": [ + "integer", + "null" + ] + }, + "httpGet": { + "type": "object", + "properties": { + "path": { + "type": [ + "string", + "null" + ] + }, + "port": { + "default": "string", + "type": [ + "integer", + "string" + ] + } + } + }, + "initialDelaySeconds": { + "type": [ + "integer", + "null" + ] + }, + "periodSeconds": { + "type": [ + "integer", + "null" + ] + }, + "successThreshold": { + "type": [ + "integer", + "null" + ] + }, + "timeoutSeconds": { + "type": [ + "integer", + "null" + ] + } + } + }, + "requests": { + "type": "object", + "properties": { + "cpu": { + "type": "string" + }, + "memory": { + "type": "string" + } + } + }, + "resources": { + "description": "[Resources](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for the `webhook` container.", + "type": "object" + }, + "securityContext": { + "description": "[Pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) for the `webhook` container.", + "type": "object" + }, + "service": { + "type": "object", + "properties": { + "port": { + "description": "Webhook exposed HTTP port for the service.", + "type": "integer" + } + } + }, + "serviceMonitor": { + "description": "Optional [Service Monitor](https://prometheus-operator.dev/docs/operator/design/#servicemonitor) configuration for the `webhook` container.", + "type": "object", + "properties": { + "bearerTokenFile": { + "type": "null" + }, + "interval": { + "type": "null" + }, + "metricRelabelings": { + "type": "array" + }, + "relabelings": { + "type": "array" + }, + "scheme": { + "type": "null" + }, + "scrapeTimeout": { + "type": "null" + }, + "tlsConfig": { + "type": "object" + } + } + } + } + }, + "url": { + "description": "Webhook URL", + "type": [ + "string", + "null" + ] + }, + "writeTimeout": { + "description": "Webhook write timeout", + "type": [ + "integer", + "null" + ] } } } diff --git a/charts/external-dns/values.yaml b/charts/external-dns/values.yaml index 9b9292c512..f563df2990 100644 --- a/charts/external-dns/values.yaml +++ b/charts/external-dns/values.yaml @@ -237,16 +237,83 @@ excludeDomains: [] # -- Filter resources queried for endpoints by label selector. labelFilter: # @schema type: [string,null]; default: null -# -- Filter resources queried for endpoints by annotation selector. -annotationFilter: # @schema type: [string,null]; default: null - # -- Record types to manage (default: A, AAAA, CNAME) managedRecordTypes: [] # @schema type: [array, null]; item: string; uniqueItems: true +# -- (object) Provider configuration +# @default -- See _values.yaml_ provider: # @schema type: [object, string] # -- _ExternalDNS_ provider name; for the available providers and how to configure them see [README](https://github.com/kubernetes-sigs/external-dns/blob/master/charts/external-dns/README.md#providers). - name: aws - webhook: + name: aws # @schema type:[string, null] + # -- (object) Webhook configuration + # @default -- See _values.yaml_ + webhook: # @schema type: [object, null] + # -- (string) Webhook URL + url: # @schema type:[string, null]; default: null + # -- (integer) Webhook read timeout + readTimeout: # @schema type:[integer, null]; default: null + # -- (integer) Webhook write timeout + writeTimeout: # @schema type:[integer, null]; default: null + # -- (object) Webhook sidecar container configuration + # @default -- See _values.yaml_ + sidecar: # @schema type: [object, null]; default: null + # -- (boolean) Whether or not to include a webhook sidecar in the external dns deployment + enabled: false + image: + # -- (string) Image repository for the `webhook` container. + repository: # @schema type:[string, null]; default: null + # -- (string) Image tag for the `webhook` container. + tag: # @schema type:[string, null]; default: null + # -- Image pull policy for the `webhook` container. + pullPolicy: IfNotPresent + # -- [Environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) for the `webhook` container. + env: [] + # -- Extra arguments to provide for the `webhook` container. + args: [] + # -- Extra [volume mounts](https://kubernetes.io/docs/concepts/storage/volumes/) for the `webhook` container. + extraVolumeMounts: [] + # -- [Resources](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for the `webhook` container. + resources: {} + # -- [Pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) for the `webhook` container. + # @default -- See _values.yaml_ + securityContext: {} + # -- [Liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) configuration for the `external-dns` container. + # @default -- See _values.yaml_ + livenessProbe: + httpGet: + path: /healthz # @schema type:[string, null]; default: null + port: http-webhook # @schema type:[integer,string]; default: string + initialDelaySeconds: 10 # @schema type:[integer, null]; default: null + periodSeconds: 10 # @schema type:[integer, null]; default: null + timeoutSeconds: 5 # @schema type:[integer, null]; default: null + failureThreshold: 2 # @schema type:[integer, null]; default: null + successThreshold: 1 # @schema type:[integer, null]; default: null + # -- [Readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) configuration for the `webhook` container. + # @default -- See _values.yaml_ + readinessProbe: + httpGet: + path: /healthz # @schema type:[string, null]; default: null + port: http-webhook # @schema type:[integer,string]; default: string + initialDelaySeconds: 5 # @schema type:[integer, null]; default: null + periodSeconds: 10 # @schema type:[integer, null]; default: null + timeoutSeconds: 5 # @schema type:[integer, null]; default: null + failureThreshold: 6 # @schema type:[integer, null]; default: null + successThreshold: 1 # @schema type:[integer, null]; default: null + service: + # -- Webhook exposed HTTP port for the service. + port: 8080 + # -- Optional [Service Monitor](https://prometheus-operator.dev/docs/operator/design/#servicemonitor) configuration for the `webhook` container. + # @default -- See _values.yaml_ + serviceMonitor: + interval: + scheme: + tlsConfig: {} + bearerTokenFile: + scrapeTimeout: + metricRelabelings: [] + relabelings: [] + + # **DEPRECATED** webhook values image: # -- (string) Image repository for the `webhook` container. repository: # @schema type:[string, null]; default: null