rancher
/
image-build-sriov-operator
mirror of https://github.com/rancher/image-build-sriov-operator.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
151 Commits 6 Branches 26 Tags 266 KiB
Makefile 52.1%
Dockerfile 47.9%
Go to file
Brian Downs 26f8372ea9
update go (#83) 		2025-10-14 16:31:37 -07:00
.github Bump github/codeql-action from 3 to 4 2025-10-14 11:11:54 +02:00
updatecli updatecli: use `semver` versionfilter 2024-07-30 21:23:58 -06:00
Dockerfile update go (#83) 2025-10-14 16:31:37 -07:00
Makefile chore: Bump Makefile to upstream version v1.5.0 2025-01-26 18:04:04 +00:00
README.md Add the webhook image 2021-04-13 15:02:46 +02:00
centos.repo Add centos repo to install mstflint 2021-02-17 10:31:03 +01:00

README.md

image-build-sriov-operator

To use the webhook, certificates are required. Note that the webhook manifest expects:

Volumes:
  tls:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  operator-webhook-service
    Optional:    false

When doing this manually, the secret must be created using:

k create secret tls operator-webhook-service -n sriov-network-operator --cert=$WEBHOOK_CERT --key=$WEBHOOK_KEY

Where the WEBHOOK_CERT is signed by a kube-api-known CA authority. When doing this manually, we can provide the CA certificate to kube-api as caBundle via:

  • sriov-operator-webhook-config (kind: ValidatingWebhookConfiguration)
  • sriov-operator-webhook-config (kind: MutatingWebhookConfiguration)

For more information ==> https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#configure-admission-webhooks-on-the-fly

Note that by default the webhooks are disabled