Skip to content

Chart: Add volumes for webhook patch job. #13811

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
k8s-ci-robot merged 1 commit into from
Aug 26, 2025
Merged

Chart: Add volumes for webhook patch job. #13811

k8s-ci-robot merged 1 commit into from
Aug 26, 2025

Conversation

@ababu13
Copy link
Contributor

@ababu13 ababu13 commented Aug 22, 2025
edited
Loading

What this PR does / why we need it:

This PR adds support for specifying custom volumes and volumeMounts in the AdmissionWebhook createSecretJob and patchWebhookJob. The template provides the attribute automountServiceAccountToken. However, if automountServiceAccountToken is set to false, the jobs fail. Therefore, to fix that issue, volumeMount and volume needs to be set.

This provides flexibility for users who need to mount additional data (e.g., certificates, configuration files, or shared volumes) into the admission webhook jobs.
Previously, these jobs did not support custom volumes or mounts, which limited use cases where external data is required during webhook secret creation or patching.

Types of changes

  • New feature (non-breaking change which adds functionality)

Which issue/s this PR fixes

fixes #13810

How Has This Been Tested?

  • Deployed Helm chart with custom volumes and volumeMounts defined in values.yaml.
  • Verified that both createSecretJob and patchWebhookJob rendered correctly with the custom mounts in the Job manifests.
  • Confirmed Jobs executed successfully with the mounted volumes present in the containers.
  • Verified that no changes occur when values are left as defaults ([]).
  • Tested the scenario in a dev cluster manually

Checklist:

  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I've read the CONTRIBUTION guide
  • I have added unit and/or e2e tests to cover my changes.
  • All new and existing tests passed.

@netlify
Copy link

netlify bot commented Aug 22, 2025
edited
Loading

Deploy Preview for kubernetes-ingress-nginx canceled.

Name Link
🔨 Latest commit 78595e9
🔍 Latest deploy log https://app.netlify.com/projects/kubernetes-ingress-nginx/deploys/68ad681beb616c0008f7eacd

@linux-foundation-easycla
Copy link

linux-foundation-easycla bot commented Aug 22, 2025
edited
Loading

CLA Signed

The committers listed above are authorized under a signed CLA.

  • ✅ login: ababu13 / name: Arjun Babu (78595e9)

@k8s-ci-robot k8s-ci-robot requested review from Gacko and cpanato August 22, 2025 02:19
@k8s-ci-robot k8s-ci-robot added needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. area/helm Issues or PRs related to helm charts cncf-cla: no Indicates the PR's author has not signed the CNCF CLA. labels Aug 22, 2025
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Aug 22, 2025

Welcome @ababu13!

It looks like this is your first PR to kubernetes/ingress-nginx 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes/ingress-nginx has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. 😃

@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Aug 22, 2025

Hi @ababu13. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-ci-robot k8s-ci-robot added needs-kind Indicates a PR lacks a `kind/foo` label and requires one. needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. needs-priority size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Aug 22, 2025
Gacko
Gacko requested changes Aug 22, 2025
View reviewed changes
@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. and removed cncf-cla: no Indicates the PR's author has not signed the CNCF CLA. labels Aug 22, 2025
@ababu13 ababu13 requested a review from Gacko August 22, 2025 18:13
@ababu13 ababu13 mentioned this pull request Aug 23, 2025
Closed
@Gacko Gacko changed the title Add volumeMounts and volumes for createSecretJob and patchWebhookJob Chart: Add volumes for webhook patch job. Aug 23, 2025
Gacko
Gacko requested changes Aug 23, 2025
View reviewed changes
Copy link
Member

@Gacko Gacko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please also implement unit tests in the tests directory of the chart.

@k8s-ci-robot k8s-ci-robot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. and removed size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Aug 24, 2025
@ababu13 ababu13 requested a review from Gacko August 24, 2025 20:06
@ababu13
Copy link
Contributor Author

ababu13 commented Aug 25, 2025

Please also implement unit tests in the tests directory of the chart.

@Gacko - Could you please review and approve?

Gacko
Gacko reviewed Aug 25, 2025
View reviewed changes
Copy link
Member

@Gacko Gacko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/triage accepted
/kind feature
/priority backlog
/ok-to-test
/hold
Gonna fix some nits later, but basically looks good to me.

@k8s-ci-robot k8s-ci-robot added do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. triage/accepted Indicates an issue or PR is ready to be actively worked on. kind/feature Categorizes issue or PR as related to a new feature. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Aug 25, 2025
@k8s-ci-robot k8s-ci-robot added priority/backlog Higher priority than priority/awaiting-more-evidence. and removed needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. needs-kind Indicates a PR lacks a `kind/foo` label and requires one. needs-priority labels Aug 25, 2025
@ababu13
Copy link
Contributor Author

ababu13 commented Aug 25, 2025

@Gacko - Thanks for reviewing! Anything else I need to do from my end?

@ababu13 ababu13 requested a review from Gacko August 25, 2025 17:28
@Gacko
Copy link
Member

Gacko commented Aug 25, 2025

Please rest assured: I'm having this PR on my list, I will not forget about it. You do not need to continuously request my review.

Gacko
Gacko approved these changes Aug 26, 2025
View reviewed changes
Copy link
Member

@Gacko Gacko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/triage accepted
/kind feature
/priority backlog
/lgtm
/unhold

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Aug 26, 2025
@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Aug 26, 2025
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Aug 26, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ababu13, Gacko

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Aug 26, 2025
@Gacko
Copy link
Member

Gacko commented Aug 26, 2025

/hold

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Aug 26, 2025
@Gacko
Copy link
Member

Gacko commented Aug 26, 2025

/unhold

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Aug 26, 2025
@k8s-ci-robot k8s-ci-robot merged commit 203b97a into kubernetes:main Aug 26, 2025
28 checks passed
@ababu13
Copy link
Contributor Author

ababu13 commented Aug 26, 2025

Thank you very much! - @Gacko

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Gacko Gacko Gacko approved these changes

@cpanato cpanato Awaiting requested review from cpanato

Assignees

@Gacko Gacko

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. area/helm Issues or PRs related to helm charts cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/feature Categorizes issue or PR as related to a new feature. lgtm "Looks good to me", indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. priority/backlog Higher priority than priority/awaiting-more-evidence. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. triage/accepted Indicates an issue or PR is ready to be actively worked on.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add volumeMounts and volumes for createSecretJob and patchWebhookJob

3 participants

@ababu13 @k8s-ci-robot @Gacko