Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: validating/mutating webhook networkpolicies and mtls #192

Merged
merged 3 commits into from
Feb 20, 2024
Merged

Conversation

mjnagel
Copy link
Contributor

@mjnagel mjnagel commented Feb 20, 2024

Description

Adds the proper ingress rules to the webhooks and PERMISSIVE mTLS to allow calls to operate as expected. Validated by turning the webhook failure policies to Fail and applying CRs. The fix applied is similar to the approach taken with metrics-server, and can be re-evaluated as a generated rule instead of Anywhere in the future.

Related Issue

Related to #149 (not a solve for it, but would also be modified by that issue)

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Other (security config, docs update, etc)

Checklist before merging

@mjnagel mjnagel self-assigned this Feb 20, 2024
@mjnagel mjnagel marked this pull request as ready for review February 20, 2024 21:06
Copy link
Contributor

@MxNxPx MxNxPx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚢 🇮🇹

@mjnagel mjnagel merged commit b01e629 into main Feb 20, 2024
13 checks passed
@mjnagel mjnagel deleted the fix-webhooks branch February 20, 2024 21:54
mjnagel added a commit that referenced this pull request Feb 20, 2024
🤖 I have created a release *beep* *boop*
---


##
[0.13.0](v0.12.0...v0.13.0)
(2024-02-20)


### Features

* add authservice to uds-core
([#153](#153))
([b0b33b9](b0b33b9))


### Bug Fixes

* validating/mutating webhook networkpolicies and mtls
([#192](#192))
([b01e629](b01e629))


### Miscellaneous

* add security.md
([#189](#189))
([bf7c1d2](bf7c1d2))
* **deps:** update githubactions
([#179](#179))
([7797e25](7797e25))
* **deps:** update githubactions to ebc4d7e
([#183](#183))
([77357e7](77357e7))
* **deps:** update githubactions to v3
([#181](#181))
([70c5ddf](70c5ddf))
* **deps:** update istio to v1.20.3
([#163](#163))
([e45de0e](e45de0e))
* **deps:** update loki to v5.43.0
([#180](#180))
([bab5f7a](bab5f7a))
* **deps:** update loki to v5.43.1
([#182](#182))
([6cc5fc7](6cc5fc7))
* **deps:** update loki to v5.43.2
([#191](#191))
([0ec0cd4](0ec0cd4))
* **deps:** update pepr to v0.25.0
([#164](#164))
([e7b8212](e7b8212))
* **deps:** update uds to v0.9.0
([#173](#173))
([b91a90d](b91a90d))
* **deps:** update zarf to v0.32.3
([#155](#155))
([2f0a1a7](2f0a1a7))
* support deselection of metrics-server
([#193](#193))
([289a0fe](289a0fe))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Micah Nagel <micah.nagel@defenseunicorns.com>
robmcelvenny pushed a commit to owen-grady/uds-core-slim-dev that referenced this pull request Jun 3, 2024
🤖 I have created a release *beep* *boop*
---


##
[0.13.0](defenseunicorns/uds-core@v0.12.0...v0.13.0)
(2024-02-20)


### Features

* add authservice to uds-core
([#153](defenseunicorns/uds-core#153))
([b0b33b9](defenseunicorns/uds-core@b0b33b9))


### Bug Fixes

* validating/mutating webhook networkpolicies and mtls
([#192](defenseunicorns/uds-core#192))
([b01e629](defenseunicorns/uds-core@b01e629))


### Miscellaneous

* add security.md
([#189](defenseunicorns/uds-core#189))
([bf7c1d2](defenseunicorns/uds-core@bf7c1d2))
* **deps:** update githubactions
([#179](defenseunicorns/uds-core#179))
([7797e25](defenseunicorns/uds-core@7797e25))
* **deps:** update githubactions to ebc4d7e
([#183](defenseunicorns/uds-core#183))
([77357e7](defenseunicorns/uds-core@77357e7))
* **deps:** update githubactions to v3
([#181](defenseunicorns/uds-core#181))
([70c5ddf](defenseunicorns/uds-core@70c5ddf))
* **deps:** update istio to v1.20.3
([#163](defenseunicorns/uds-core#163))
([e45de0e](defenseunicorns/uds-core@e45de0e))
* **deps:** update loki to v5.43.0
([#180](defenseunicorns/uds-core#180))
([bab5f7a](defenseunicorns/uds-core@bab5f7a))
* **deps:** update loki to v5.43.1
([#182](defenseunicorns/uds-core#182))
([6cc5fc7](defenseunicorns/uds-core@6cc5fc7))
* **deps:** update loki to v5.43.2
([#191](defenseunicorns/uds-core#191))
([0ec0cd4](defenseunicorns/uds-core@0ec0cd4))
* **deps:** update pepr to v0.25.0
([#164](defenseunicorns/uds-core#164))
([e7b8212](defenseunicorns/uds-core@e7b8212))
* **deps:** update uds to v0.9.0
([#173](defenseunicorns/uds-core#173))
([b91a90d](defenseunicorns/uds-core@b91a90d))
* **deps:** update zarf to v0.32.3
([#155](defenseunicorns/uds-core#155))
([2f0a1a7](defenseunicorns/uds-core@2f0a1a7))
* support deselection of metrics-server
([#193](defenseunicorns/uds-core#193))
([289a0fe](defenseunicorns/uds-core@289a0fe))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Micah Nagel <micah.nagel@defenseunicorns.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants