https://github.com/sbueringer/kustomize-webhook

kustomize-based MutatingWebhook for Kubernetes
https://github.com/sbueringer/kustomize-webhook

Last synced: about 2 months ago
JSON representation

kustomize-based MutatingWebhook for Kubernetes

• Host: GitHub
• URL: https://github.com/sbueringer/kustomize-webhook
• Owner: sbueringer
• License: apache-2.0
• Created: 2019-09-21T14:58:51.000Z (over 5 years ago)
• Default Branch: master
• Last Pushed: 2020-01-12T15:02:34.000Z (over 5 years ago)
• Last Synced: 2025-03-25T03:51:50.340Z (3 months ago)
• Language: Go
• Homepage:
• Size: 55.7 KB
• Stars: 9
• Watchers: 2
• Forks: 3
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# Kustomize Webhook

[![Go Report Card](https://goreportcard.com/badge/sbueringer/kustomize-webhook)](https://goreportcard.com/report/sbueringer/kustomize-webhook)

![](https://github.com/sbueringer/kustomize-webhook/workflows/.github/workflows/main.yml/badge.svg)

A MutatingWebhook for Kubernetes based on Kustomize.

## Summary

The kustomize-webhook is a MutatingWebhook which applies kustomize patches to Pods. The MutatingWebhook receives

the Pod resource which is then patches via a kustomize patch. The patch itself is generated via go template with the 

Pod as data.

## Deployment 

An example deployment can be found in the deploy folder. Generate certs, e.g. via:

```bash

openssl req -x509 -newkey rsa:2048 -keyout tls.key -out tls.crt -days 365 -nodes -subj "/CN=kustomize-webhook.default.svc"

```

Replace the  following vars in [deploy/webhook.yaml](deploy/webhook.yaml):

````

TLS_CRT_BASE64=$(cat tls.crt | base64)

TLS_CRT=$(cat tls.crt)

TLS_KEY=$(cat tls.key)

````

adjust the kustomize patch in the `kustomize-webhook-patches` ConfigMap and deploy the YAML file:

````

kubectl apply -f deploy/webhook.yaml

````