[feat.] Merge Webhook and Server Helm Chart #817
Conversation
Signed-off-by: Rahul M Chheda <rahul.chheda@accurics.com>
|
|
||
| webhook: | ||
| name: webhook.terrascan.io | ||
| failurePolicy: Ignore |
There was a problem hiding this comment.
Had to change this to Ignore, because if service is un-available for webhook, it should not block all the specified resources in cluster.
Hope this is the desired behaviour.
cc: @dev-gaur @kanchwala-yusuf @jlk
Signed-off-by: Rahul M Chheda <rahul.chheda@accurics.com>
| @@ -4,7 +4,6 @@ metadata: | |||
| name: {{ .Values.name }} | |||
| namespace: {{ .Release.Namespace }} | |||
| spec: | |||
| type: LoadBalancer | |||
There was a problem hiding this comment.
No need to create LoadBalancer service, until we are using this service from outside of this cluster. It's the user choice to change it afterwards to enhance its usecases.
cc: @jlk @kanchwala-yusuf @dev-gaur
Codecov Report
@@ Coverage Diff @@
## master #817 +/- ##
=======================================
Coverage 74.85% 74.85%
=======================================
Files 111 111
Lines 3345 3345
=======================================
Hits 2504 2504
Misses 656 656
Partials 185 185 |
Signed-off-by: Rahul M Chheda <rahul.chheda@accurics.com>
Signed-off-by: Rahul M Chheda <rahul.chheda@accurics.com>
| @@ -0,0 +1,63 @@ | |||
| {{- if eq .Values.webhook.failurePolicy "Fail" }} | |||
There was a problem hiding this comment.
Had to create this file just to support validatingwebhookconfiguration failurePolicy to be FAIL.
It turns out, webhook doesn't allow the terrascan server pod to come up in case failurePolicy is Fail.
So, as a workaround, we create the webhook w/ Ignore, and then upgrade it to Fail in. post install chart hook. ref: https://v2.helm.sh/docs/charts_hooks/
There was a problem hiding this comment.
Had to create this file just to support validatingwebhookconfiguration failurePolicy to be FAIL.
It turns out, webhook doesn't allow the terrascan server pod to come up in case failurePolicy is Fail.
So, as a workaround, we create the webhook w/ Ignore, and then upgrade it to Fail in. post install chart hook. ref: https://v2.helm.sh/docs/charts_hooks/
Can you add this as a comment in the vw yaml file as well?
Signed-off-by: Devang <devang.gaur.7@gmail.com>
Signed-off-by: Devang <devang.gaur.7@gmail.com>
|
Hi @rahulchheda, I sent a PR to your branch for all the remaining changes. |
Signed-off-by: Devang <devang.gaur.7@gmail.com>
minor changes and shifting helm charts to deploy/helm/
Signed-off-by: Rahul M Chheda <rahul.chheda@accurics.com>
rahulchheda
changed the title
Signed-off-by: Rahul M Chheda <rahul.chheda@accurics.com>
|
Kudos, SonarCloud Quality Gate passed!
|
Tried to merge Webhook and Server charts in this PR. We really don't need to maintain them separately.
PTAL, and let me know if any improvements are needed.
Signed-off-by: Rahul M Chheda rahul.chheda@accurics.com