[PodSecurity] Document webhook installation & use

[tallclair]

• Webhook installation guide
  • How to manage webhook certificates
  • Kustomization
• When to use the webhook
• Limitations of the webhook
• Extending the webhook (full guide to API & extension points should probably be part of the README documentation on the PodSecurity repo) ([Pod Security] Document Pod Security code structure & extension points kubernetes#106561)

/cc @sejr @liggitt
/sig auth
/milestone v1.23

[k8s-ci-robot]

@tallclair: You must be a member of the kubernetes/website-milestone-maintainers GitHub team to set the milestone. If you believe you should be able to issue the /milestone command, please contact your Website milestone maintainers and have them propose you as an additional delegate for this responsibility.

In response to this:

• Webhook installation guide
• How to manage webhook certificates
• Kustomization
• When to use the webhook
• Limitations of the webhook
• Extending the webhook (full guide to API & extension points should probably be part of the README documentation on the PodSecurity repo)

/cc @sejr @liggitt
/sig auth
/milestone v1.23

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[sftim]

/triage accepted
/lifecycle frozen

[souvikrajsingh]

@tallclair hey I would love to work on this issue, can you please assign it to me ? thank you!

[AvineshTripathi]

@souvikrajsingh you can assign by yourself too by just commenting /assign

[souvikrajsingh]

@souvikrajsingh you can assign by yourself too by just commenting /assign

Since you mentioned , can you please tell me about this issue a bit , do I need to make documentation or I need to add these in some particular file? I'm actually new to this

[AvineshTripathi]

According to me I think we need to have documentation for webhook in the https://github.com/kubernetes/website/tree/main/content/en/docs/concepts/security (unsure about the location of that file) @sftim @tallclair please correct me if I am wrong :)

[sejr]

@souvikrajsingh @AvineshTripathi hey there! We have an initial Task page for installing the webhook located here: #30122

It's possible that other pages, such as Concepts, will be required, but I'll defer to both Tims to clarify what they expect.

This issue is essentially tracking the topics that need to be added. I'd be happy to help you get involved; it's possible we could divide and conquer on these. Sections like extending the webhook's functionality definitely need expanding on.

[souvikrajsingh]

@sejr hey Sam would love to get involved in this, like you said please confirm and let us know. Another Question: is there any slack channel/mailing list/ discord server we can discuss further regarding this issue?

I really appreciate your help! Thanks again

[sejr]

@souvikrajsingh yes! Check out slack.kubernetes.io -- you can join the SIG Auth channel and/or send me a direct message (I'm Sam on there)

[souvikrajsingh]

@souvikrajsingh yes! Check out slack.kubernetes.io -- you can join the SIG Auth channel and/or send me a direct message (I'm Sam on there)

Thanks again, Sam! Will connect with you on Slack!!

[liggitt]

#28867 open to add basic steps for webhook installation. It does not cover extending the webhook, which seems like a significantly different / more advanced topic

[reylejano]

/milestone 1.23

[tallclair]

This was resolved by #30351

Punting the extension documentation to kubernetes/kubernetes#106561