Identity minimum set of resources that need to be intercepted in Mutating webhook #1380

devdattakulkarni · 2024-12-06T16:09:09Z

The set of resources and HTTP methods that KubePlus intercepts as part of its mutating webhook are defined here:
https://github.com/cloud-ark/kubeplus/blob/master/deploy/mutatingwebhook.yaml

We should revisit this list and make sure we are not intercepting more resources than are necessary. For example, now that we have deprecated Pod-level policies (#1367), there is no reason to intercept Pod resource.

Do we need to intercept CREATE calls for resources in the following api groups:
"apps", "extensions", "", "apiextensions.k8s.io",?

The text was updated successfully, but these errors were encountered:

Fixes: #1380

Updated MutatingWebhookConfiguration to intercept only required resources Fixes: #1380

devdattakulkarni added a commit that referenced this issue Jan 31, 2025

Updating the resources intercepted in MutatingWebhookConfiguration

87c1553

Fixes: #1380

devdattakulkarni added a commit that referenced this issue Jan 31, 2025

KubePlus chart update - 4.1.0

bf46f19

Updated MutatingWebhookConfiguration to intercept only required resources Fixes: #1380

devdattakulkarni mentioned this issue Jan 31, 2025

KubePlus chart update - 4.1.0 #1393

Merged

devdattakulkarni closed this as completed in #1393 Jan 31, 2025

devdattakulkarni closed this as completed in 6f9f0bd Jan 31, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Identity minimum set of resources that need to be intercepted in Mutating webhook #1380

Identity minimum set of resources that need to be intercepted in Mutating webhook #1380

devdattakulkarni commented Dec 6, 2024

Identity minimum set of resources that need to be intercepted in Mutating webhook #1380

Identity minimum set of resources that need to be intercepted in Mutating webhook #1380

Comments

devdattakulkarni commented Dec 6, 2024