bifrost-admission-controller

module
v0.0.0-...-8ede676 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 31, 2024 License: GPL-3.0

README

bifrost-admission-controller

An intended general-purpose admission controller

Current Feature

  • generate the ca.crt field from full chain certificate in tls.crt and append to the secret for ACME issued certificates

Operation

The admission controller contains a helm template that can be installed on kubernetes clusters It creates the MutatingWebhookConfiguration from within the Go code, hence it needs create and update permissions on the MutatingWebhookConfiguration resource.

The default MutatingWebhookConfiguration has a namespace selector and only watches namespaces with label acme-tls-update=enabled

Also when creating cert-manager certificate resources we need to set the SecretTemplate to have an annotation bifrost-acme-update-webhook.nebed.io/update=true

  secretTemplate:
    annotations:
      bifrost-acme-update-webhook.nebed.io/update: "true"

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.