Mutating webhook should handle only relevant requests #55
Labels
kind/enhancement
Enhancement, improvement, extension
lifecycle/stale
Nobody worked on this for 6 months (will further age)
Comments
|
Quoted from #54 (comment) and #54 (comment) @unmarshall raised a valid point about setting object selectors in webhooks: For the gardener use case, we are the end-users of Kupid as well. So we control what labels we set on the pod-groups (statefulsets, deployments, etc) that Kupid is to mutate. This can be achieved using the helm charts. We can read the Now, external users of Kupid can choose to leave this empty, in which case Kupid will not add any object selector to the webhooks, which means all resources will be considered (no change in behavior). |
|
/assign |
|
/unassign |
gardener-robot
added
the
lifecycle/stale
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What would you like to be added:
I would like Kupid's mutating webhook to only handle the requests that are relevant to it by using an ObjectSelector in the webhook configuration. The object selector can be set based on the PSPs and CPSPs that Kupid uses to mutate these resources.
Why is this needed:
Today Kupid receives every request in the cluster, while it only wishes to mutate specific resources (like etcd statefulset) based on resource labels. This allows for low resource consumption by Kupid (by avoiding irrelevant requests to it) and reduces log load by getting rid of unnecessary
Handling request...logs.The text was updated successfully, but these errors were encountered: