Add webhook.create: false warning comment#4579
Merged
gusfcarvalho merged 1 commit intoexternal-secrets:mainfrom Mar 22, 2025
Merged
Add webhook.create: false warning comment#4579gusfcarvalho merged 1 commit intoexternal-secrets:mainfrom
webhook.create: false warning comment#4579gusfcarvalho merged 1 commit intoexternal-secrets:mainfrom
Conversation
40a6025 to
b8756bc
Compare
gusfcarvalho
previously approved these changes
Mar 22, 2025
| | webhook.certManager.cert.revisionHistoryLimit | int | `0` | Set the revisionHistoryLimit on the Certificate. See https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.CertificateSpec Defaults to 0 (ignored). | | ||
| | webhook.certManager.enabled | bool | `false` | Enabling cert-manager support will disable the built in secret and switch to using cert-manager (installed separately) to automatically issue and renew the webhook certificate. This chart does not install cert-manager for you, See https://cert-manager.io/docs/ | | ||
| | webhook.create | bool | `true` | Specifies whether a webhook deployment be created. | | ||
| | webhook.create | bool | `true` | If set to false, crds.conversion.enabled should also be set to false otherwise the kubeapi will be hammered because the conversion is looking for a webhook endpoint. | |
Member
There was a problem hiding this comment.
It seems the original flag explaining the webhook was taken away. I think youll need to make this a single line
Contributor
Author
There was a problem hiding this comment.
No problem - I'll fix now. Thanks @gusfcarvalho.
Contributor
Author
There was a problem hiding this comment.
That's now fixed - thanks @gusfcarvalho.
Member
|
Sorry for the misapproval! I think the generation didn't quite work as you expected @thecosmicfrog |
* Duplicated `crds.conversion.enabled: false` comment stating that `webhook.create` should be set to `false`. * This coupling is easy missable when creating an override `values.yaml` file. Signed-off-by: Aaron Hastings <aaron@aaronhastings.me>
b8756bc to
97cb0e5
Compare
|
gusfcarvalho
approved these changes
Mar 22, 2025
Contributor
Author
|
Thanks for the merge @gusfcarvalho! |
aakashagg
pushed a commit
to aakashagg/external-secrets
that referenced
this pull request
Mar 23, 2025
* Duplicated `crds.conversion.enabled: false` comment stating that `webhook.create` should be set to `false`. * This coupling is easy missable when creating an override `values.yaml` file. Signed-off-by: Aaron Hastings <aaron@aaronhastings.me> Signed-off-by: aakashagg <agarwalaakash202@gmail.com>
aakashagg
pushed a commit
to aakashagg/external-secrets
that referenced
this pull request
Mar 23, 2025
* Duplicated `crds.conversion.enabled: false` comment stating that `webhook.create` should be set to `false`. * This coupling is easy missable when creating an override `values.yaml` file. Signed-off-by: Aaron Hastings <aaron@aaronhastings.me> Signed-off-by: aakashagg <agarwalaakash202@gmail.com>
aakashagg
pushed a commit
to aakashagg/external-secrets
that referenced
this pull request
Mar 23, 2025
* Duplicated `crds.conversion.enabled: false` comment stating that `webhook.create` should be set to `false`. * This coupling is easy missable when creating an override `values.yaml` file. Signed-off-by: Aaron Hastings <aaron@aaronhastings.me> Signed-off-by: aakashagg <agarwalaakash202@gmail.com> Revert "Add `webhook.create: false` warning comment (external-secrets#4579)" This reverts commit 41f8344.
Skarlso
added a commit
that referenced
this pull request
Mar 23, 2025
* adding conjur description Signed-off-by: aakashagg <agarwalaakash202@gmail.com> * adding into Golang Struct models Your commit message Signed-off-by: aakashagg <agarwalaakash202@gmail.com> * Add `webhook.create: false` warning comment (#4579) * Duplicated `crds.conversion.enabled: false` comment stating that `webhook.create` should be set to `false`. * This coupling is easy missable when creating an override `values.yaml` file. Signed-off-by: Aaron Hastings <aaron@aaronhastings.me> Signed-off-by: aakashagg <agarwalaakash202@gmail.com> Revert "Add `webhook.create: false` warning comment (#4579)" This reverts commit 41f8344. * generating API doc Signed-off-by: aakashagg <agarwalaakash202@gmail.com> --------- Signed-off-by: aakashagg <agarwalaakash202@gmail.com> Co-authored-by: Aaron Hastings <thecosmicfrog@users.noreply.github.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
ivankatliarchuk
added a commit
to gofogo/external-secrets-fork
that referenced
this pull request
Mar 25, 2025
* main: update dependencies (external-secrets#4589) chore(deps): bump fossas/fossa-action from 1.5.0 to 1.6.0 (external-secrets#4586) chore(deps): bump mkdocs-material from 9.6.8 to 9.6.9 in /hack/api-docs (external-secrets#4588) chore(deps): bump platformdirs from 4.3.6 to 4.3.7 in /hack/api-docs (external-secrets#4587) chore(deps): bump github/codeql-action from 3.28.11 to 3.28.12 (external-secrets#4585) chore(deps): bump actions/setup-go from 5.3.0 to 5.4.0 (external-secrets#4584) chore(deps): bump golangci/golangci-lint-action from 6.5.1 to 6.5.2 (external-secrets#4583) chore(deps): bump actions/cache from 4.2.2 to 4.2.3 (external-secrets#4582) chore(deps): bump ubi8/ubi from `5993454` to `8bd1b63` (external-secrets#4581) Lookup cluster identity from instance metadata (external-secrets#4575) adding conjur description (external-secrets#4578) fix: bump jwt for cve fix (external-secrets#4580) Add `webhook.create: false` warning comment (external-secrets#4579)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
crds.conversion.enabled: falsecomment stating thatwebhook.createshould be set tofalse.values.yamlfile.Problem Statement
It's easy to miss that, when setting
webhook.create: false, you should also setcrds.conversion.enabled: falseto avoid hammering the kubeapi. We noticed a lot of nuisance logs because we missed this when installing ESO.Proposed Changes
Just a minor duplication of an already-existing comment (above
crds.conversion.enabled) to try and avoid this problem for future users.Checklist
git commit --signoffmake testmake reviewable