Skip to content

Commit

Permalink
add cert-manager annotation to pod-identity-webhook mutatingwebhookco…
Browse files Browse the repository at this point in the history 
…nfiguration
  • Loading branch information
@stefanSpectro
stefanSpectro committed Jan 11, 2024
1 parent 019e06f commit bedfd5c
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions pkg/cloud/services/iam/podidentitywebhook.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ package iam
import (
"context"
"errors"
"fmt"

v14 "k8s.io/api/admissionregistration/v1"
v13 "k8s.io/api/apps/v1"
Expand All @@ -17,6 +18,8 @@ import (
)

const (
certManagerInjectCAAnnotation = "cert-manager.io/inject-ca-from"

podIdentityWebhookName = "pod-identity-webhook"
podIdentityWebhookImage = "amazon/amazon-eks-pod-identity-webhook:v0.5.2"

Expand Down Expand Up @@ -332,6 +335,9 @@ func reconcileMutatingWebHook(ctx context.Context, ns string, secret *corev1.Sec
}

mwhMeta := objectMeta(podIdentityWebhookName, ns)
mwhMeta.Annotations = map[string]string{
certManagerInjectCAAnnotation: fmt.Sprintf("%s/%s", ns, secret.Name),
}
fail := v14.Ignore
none := v14.SideEffectClassNone
mutate := "/mutate"
Expand Down

0 comments on commit bedfd5c

Please sign in to comment.