Skip to content

Commit

Permalink
chore: can disable webhook in helm
Browse files Browse the repository at this point in the history
Signed-off-by: Rory Z <[email protected]>
  • Loading branch information
Rory-Z committed Jan 13, 2025
1 parent d16fa3c commit 8a5aac5
Show file tree
Hide file tree
Showing 7 changed files with 31 additions and 0 deletions.
11 changes: 11 additions & 0 deletions .github/workflows/deploy.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -35,9 +35,20 @@ jobs:
single_namespace:
- false
- true
enable_webhook:
- true
exclude:
- install: static
single_namespace: true
include:
- enable_webhook: false
install: helm
single_namespace: true
emqx: [EMQX, emqx, "config/samples/emqx/v2beta1/emqx-slim.yaml"]
- enable_webhook: false
install: helm
single_namespace: true
emqx: [EMQX, emqx, "config/samples/emqx/v2beta1/emqx-full.yaml"]

steps:
- run: minikube start
Expand Down
2 changes: 2 additions & 0 deletions deploy/charts/emqx-operator/templates/cert-manager.yaml
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
{{- if .Values.webhook.enabled }}
{{- if (index .Values "cert-manager" "enable") }}
---
apiVersion: cert-manager.io/v1
Expand All @@ -22,3 +23,4 @@ spec:
name: {{ include "emqx-operator.fullname" . }}-selfsigned-issuer
secretName: {{ index .Values "cert-manager" "secretName" | default (printf "%s-webhook-server-cert" (include "emqx-operator.fullname" .)) }}
{{- end }}
{{- end }}
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
{{- if .Values.webhook.enabled -}}
---
apiVersion: v1
kind: Service
Expand All @@ -11,3 +12,4 @@ spec:
selector:
control-plane: controller-manager
{{- include "emqx-operator.selectorLabels" . | nindent 4 }}
{{- end }}
9 changes: 9 additions & 0 deletions deploy/charts/emqx-operator/templates/controller-manager.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,9 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
env:
- name: ENABLE_WEBHOOKS
value: {{ .Values.webhook.enabled | quote }}
containers:
- args:
- --leader-elect
Expand All @@ -48,9 +51,11 @@ spec:
- containerPort: 8080
name: metrics
protocol: TCP
{{- if .Values.webhook.enabled }}
- containerPort: 9443
name: webhook-server
protocol: TCP
{{- end }}
{{- if .Values.singleNamespace }}
env:
- name: WATCH_NAMESPACE
Expand All @@ -68,19 +73,23 @@ spec:
{{- toYaml .Values.resources | nindent 12 }}
securityContext:
{{- toYaml .Values.containerSecurityContext | nindent 12 }}
{{- if .Values.webhook.enabled }}
volumeMounts:
- mountPath: /tmp/k8s-webhook-server/serving-certs
name: cert
readOnly: true
{{- end }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
serviceAccountName: {{ include "emqx-operator.serviceAccountName" . }}
terminationGracePeriodSeconds: 10
{{- if .Values.webhook.enabled }}
volumes:
- name: cert
secret:
defaultMode: 420
secretName: {{ index .Values "cert-manager" "secretName" | default (printf "%s-webhook-server-cert" (include "emqx-operator.fullname" .)) }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
Expand Down
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
{{- if .Values.webhook.enabled }}
---
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
Expand Down Expand Up @@ -69,3 +70,4 @@ webhooks:
resources:
- emqxplugins
sideEffects: None
{{- end -}}
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
{{- if .Values.webhook.enabled }}
---
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
Expand Down Expand Up @@ -90,3 +91,4 @@ webhooks:
resources:
- emqxplugins
sideEffects: None
{{- end -}}
3 changes: 3 additions & 0 deletions deploy/charts/emqx-operator/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,9 @@ imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""

webhook:
enabled: true

serviceAccount:
# Specifies whether a service account should be created
create: true
Expand Down

0 comments on commit 8a5aac5

Please sign in to comment.