Skip to content

Add webhook to chart #381

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
freeznet merged 8 commits into from
Jun 13, 2022
Merged

Add webhook to chart #381

freeznet merged 8 commits into from
Jun 13, 2022

Conversation

@tpiperatgod
Copy link
Contributor

@tpiperatgod tpiperatgod commented Jun 2, 2022
edited
Loading

(If this PR fixes a github issue, please add Fixes #<xyz>.)

Fixes #319

(or if this PR is one task of a github issue, please add Master Issue: #<xyz> to link to the master issue.)

Master Issue: #

Motivation

Explain here the context, and why you're making that change. What is the problem you're trying to solve.

Modifications

  • add a subchart named "admission-webhook"
  • move CRDs to the "templates" dir
  • remove the "crds" dir
  • we currently use Cert Manager to manage certificates when communicating with the webhook

Verifying this change

  • Make sure that the change passes the CI checks.

(Please pick either of the following options)

This change is a trivial rework / code cleanup without any test coverage.

(or)

This change is already covered by existing tests, such as (please describe tests).

(or)

This change added tests and can be verified as follows:

(example:)

  • Added integration tests for end-to-end deployment with large payloads (10MB)
  • Extended integration test for recovery after broker failure

Documentation

Check the box below.

Need to update docs?

@github-actions github-actions bot added the doc-required This pr needs a document label Jun 2, 2022
@tpiperatgod tpiperatgod changed the title [WIP] Add webhook to chart Add webhook to chart Jun 6, 2022
freeznet
freeznet approved these changes Jun 6, 2022
View reviewed changes
Copy link
Member

@freeznet freeznet left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm, but left some comments as questions, ptal, thanks.
also, could you please check if the changes affect function-mesh worker service https://github.com/streamnative/function-mesh-worker-service/blob/master/.ci/helm.sh#L118-L136, thanks.

@freeznet freeznet requested a review from jiangpengcheng June 6, 2022 08:22
This was referenced Jun 7, 2022
Closed
Closed
@tpiperatgod tpiperatgod changed the title Add webhook to chart [WIP] Add webhook to chart Jun 10, 2022
@tpiperatgod tpiperatgod changed the title [WIP] Add webhook to chart Add webhook to chart Jun 10, 2022
@tpiperatgod
Copy link
Contributor Author

tpiperatgod commented Jun 10, 2022

lgtm, but left some comments as questions, ptal, thanks. also, could you please check if the changes affect function-mesh worker service https://github.com/streamnative/function-mesh-worker-service/blob/master/.ci/helm.sh#L118-L136, thanks.

This PR does not change the usage when using cert-manager to manage webhook certificates.

I checked the ci workflows for the function-mesh and function-mesh-worker-service repositories and they both manage certificates through the cert-manager, so this PR does not affect either workflow.

@freeznet
Copy link
Member

freeznet commented Jun 10, 2022
edited
Loading

lgtm, but left some comments as questions, ptal, thanks. also, could you please check if the changes affect function-mesh worker service https://github.com/streamnative/function-mesh-worker-service/blob/master/.ci/helm.sh#L118-L136, thanks.

This PR does not change the usage when using cert-manager to manage webhook certificates.

I checked the ci workflows for the function-mesh and function-mesh-worker-service repositories and they both manage certificates through the cert-manager, so this PR does not affect either workflow.

thanks @tpiperatgod, is it possible to enable webhook to the ci workflows after this PR merged?

@tpiperatgod
Copy link
Contributor Author

tpiperatgod commented Jun 10, 2022

thanks @tpiperatgod, is it possible to enable webhook to the ci workflows after this PR merged?

Yes, it will be enabled by default.

But the current ci workflow Precommit - Integration Tests seems to have some problems. I'm not sure if this is due to insufficient resources for the github action. What do you think? @freeznet

@tpiperatgod
add webhook to the chart
2f73cc8 
Signed-off-by: laminar <tpiperatgod@gmail.com>
@tpiperatgod
chore: add go-get-tool to Makefile
9af6b0a 
add the "go-get-tool" function to get the go library.

Signed-off-by: laminar <tpiperatgod@gmail.com>
@tpiperatgod
feat: add webhook to the helm chart
20b0b4a 
- add a subchart named "admission-webhook"
- move CRDs to the "templates" dir
- remove the "crds" dir
- we currently use Cert Manager to manage certificates when communicating with the webhook

Signed-off-by: laminar <tpiperatgod@gmail.com>
@tpiperatgod
change the name of the webhook service to a fixed value
efc9744 
- use "function-mesh-admission-webhook-service" as the name of the webhook service
- change the template name from "function-mesh-operator.service.webhook" to "function-mesh-operator.webhook.service"
- change the template name from "function-mesh-operator.certificate.secretName" to "function-mesh-operator.certificate.secret"

Signed-off-by: laminar <tpiperatgod@gmail.com>
@tpiperatgod
feat: add chart for using custom certificates
2d2e8b5 
- add the "function-mesh-secrets-webhook" chart, which contains two Secret resources:
  - CA Secret ( automatically generated by the Helm functions )
  - certificate Secret  ( automatically generated by the Helm functions )

Signed-off-by: laminar <tpiperatgod@gmail.com>
@tpiperatgod
add custom certificates provider
ce5bf57 
add `custom` certificates provider

Signed-off-by: laminar <tpiperatgod@gmail.com>
@tpiperatgod
rollback of changes in config/crd dir
8b9d77b 
Signed-off-by: laminar <tpiperatgod@gmail.com>
@tpiperatgod
adjust the certificate (secret) name
e8094c2 
use the fixed name `function-mesh-admission-webhook-server-cert` as the of Certificate and Secret

Signed-off-by: laminar <tpiperatgod@gmail.com>
@freeznet freeznet merged commit 0332a9d into streamnative:master Jun 13, 2022
@tpiperatgod tpiperatgod deleted the add_webhook_to_chart branch June 13, 2022 08:34
@Huanli-Meng Huanli-Meng added doc-added and removed doc-required This pr needs a document labels Jun 22, 2022
@Huanli-Meng
Copy link
Contributor

Huanli-Meng commented Jun 22, 2022

The doc is added through this PR: streamnative/function-mesh-website#134

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@freeznet freeznet freeznet approved these changes

@nlu90 nlu90 nlu90 approved these changes

@jiangpengcheng jiangpengcheng Awaiting requested review from jiangpengcheng

Assignees

@tpiperatgod tpiperatgod

Labels

doc-added m/2022-12

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

support deploy webhook with helm charts

4 participants

@tpiperatgod @freeznet @Huanli-Meng @nlu90