liatrio · mcbillings · Nov 29, 2023 · Nov 2, 2023
diff --git a/.cspell.json b/.cspell.json
@@ -66,6 +66,7 @@
         "Mikayla",
         "msdemo",
         "mumoshu",
+        "myapp",
         "mydeployment",
         "myfile",
         "mypod",

diff --git a/docs/8-kubernetes-container-orchestration/8.6-webhooks.md b/docs/8-kubernetes-container-orchestration/8.6-webhooks.md
@@ -80,12 +80,10 @@ Controller using python.
    --namespace cert-manager \
    --create-namespace \
    --set installCRDs=true \
-   --version v1.6.1 \
+   --version v1.13.2 \
    jetstack/cert-manager
    ```
 
-?> You might need to specify a different version of cert-manager
-
 4. Create the validation namespace, the root CA, and self signed certificate by applying the `certs.yaml` file.
 
 5. Get the base64 value of the ca.crt file in the secret
@@ -100,8 +98,6 @@ Controller using python.
 
 2. Configure a validating webhook in `app/webhooks.py`. A reference is provided with `examples/warden-validating.py`.
 
-?> You might need to update out of date packages and OS versions in order for the webhook server to function properly
-
 #### Criteria
 
 - Only check pods in the `myapp` namespace.
@@ -121,7 +117,7 @@ Controller using python.
     cat validating-webhook.yaml | sed "s/      caBundle: .*/      caBundle: ${CA}/" | kubectl apply -f -
     ```
 
-?> It might be in your best interest to create scripts or "one liners" to deploy and delete resources as you may do this a lot
+?> It might be helpful to create scripts or "one liners" to deploy and delete resources as you may do this a lot
 
 8. Test your validating webhook
 Tests 2, 4, and 5 should pass.
@@ -164,5 +160,4 @@ Tests 1, 2, 4, 5, and 7 should pass.
 - Why do webhooks require a TLS certificate?
   - How does cert-manager facilitate this?
 - Can a mutating webhook also function as a validating webhook? Vice versa? Why or why not?
-- When attempting to run the webhook server, what specific problems did you find, if any, and how did you solve them?
 - Is there a way to test the webhook server locally without needing to strictly be inside the kubernetes cluster?
diff --git a/examples/ch8/webhooks/Dockerfile b/examples/ch8/webhooks/Dockerfile
@@ -1,19 +1,19 @@
 FROM ubuntu:16.04
 
 RUN apt-get update -y && \
-    apt-get install -y python-pip python-dev && \
-    apt-get install -y python-flask && \
+    apt-get install -y python3-pip python3-dev && \
+    apt-get install -y python3-flask && \
     apt-get install -y vim
 
 # We copy just the requirements.txt first to leverage Docker cache
 COPY ./requirements.txt /app/requirements.txt
 
 WORKDIR /app
 
-RUN pip install -r requirements.txt
+RUN pip3 install -r requirements.txt
 
 COPY . /app
 
-ENTRYPOINT [ "python" ]
+ENTRYPOINT [ "python3" ]
 
 CMD [ "app/webhooks.py" ]
diff --git a/examples/ch8/webhooks/app/webhooks.py b/examples/ch8/webhooks/app/webhooks.py
@@ -5,7 +5,7 @@
 
 warden = Flask(__name__)
 
-#POST route for Admission Controller  
+#POST route for Admission Controller
 @warden.route('/validate', methods=['POST'])
 #Admission Control Logic - validating
 def validating_webhook():
@@ -22,3 +22,5 @@ def mutatating_webhook():
     uid = request_info["request"].get("uid")
 
     # Code for mutating webhook HERE
+if __name__ == '__main__':
+    warden.run(ssl_context=('certs/wardencrt.pem', 'certs/wardenkey.pem'),debug=True, host='0.0.0.0')
diff --git a/examples/ch8/webhooks/requirements.txt b/examples/ch8/webhooks/requirements.txt
@@ -1,3 +1,3 @@
 jsonify
-Werkzeug==2.2.3
+Werkzeug
 jsonpatch