An option to set the webhook's annotations default values #157
Labels
kind/enhancement
Categorizes issue or PR as related to an improvement.
Comments
virtyaluk
added
the
kind/enhancement
github-actions
bot
added
the
lifecycle/stale
csatib02
removed
the
lifecycle/stale
|
Hey @virtyaluk, Seems like a reasonable addition to the project, it would be awesome if you could work on adding this. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Preflight Checklist
Problem Description
Hello there!
I recently encountered a problem where a 3rd party service attempted to reference a Kubernetes secret value defined in the webhook format (e.g.
vault:secret/...) and failed to do so due to an internal Secrets Webhook error while performing Kubernetes auth. Surely, the error related to a 3rd party service was missing Secrets Webhook annotations due to its limited configuration options, and therefore default vault settings were used, namelyvault-skip-verify: falseandvault-add: https://vault:8200. There's no way for me to work around this issue since my vault cluster is installed into a dedicatedvaultnamespace and I'm not using TLS.Proposed Solution
I'd like to see the webhook expose additional configuration options (Helm values) to set defaults for the values used in place of absent annotations. Namely, I'd like to set the default values of
VAULT_ADDRandVAULT_SKIP_VERIFYenvs at the webhook installation time and use it thereupon.Thanks.
Alternatives Considered
No response
Additional Information
No response
The text was updated successfully, but these errors were encountered: