topolvm / pvc-autoresizer

Auto-resize PersistentVolumeClaim objects based on Prometheus metrics
Apache License 2.0
249 stars 29 forks source link

Cannot disable webhooks via .Values.webhook.pvcMutatingWebhook.enabled #271

Closed wparr-circle closed 3 months ago

wparr-circle commented 4 months ago

Describe the bug The mutating webhook configuration is removed when .Values.webhook.pvcMutatingWebhook.enabled is set false. However, the certificate volume sourced from a the tls type secret is still required. This appears to be a fault in the source, where the webhook server itself is not optional. See:

It would be great to make this optional. Specifically with the generated webhook cert, we found that it resulted in a container config error due to the self signed cert created during the helm install was not provisioned at allwhen .Values.webhook.pvcMutatingWebhook.enabled was set false.

Environments

To Reproduce Steps to reproduce the behavior:

  1. Install with the following helm values:
    webhook:
    pvcMutatingWebhook:
      enabled: false
    certificate:
      generate: true
  2. This renders a deploy without the mutating webhook configuration, and the secret used for certs
  3. Pods fail with a ContainerConfig error

Expected behavior When .Values.webhook.pvcMutatingWebhook.enabled is set, neither the cert manager or generated certificate should be rendered. The deployment should not mount the certificate secret. The application should be able to start fine without the cert directory.

Additional context Add any other context about the problem here.

tekicode commented 3 months ago

Any chance we could get a new release with this functionality? :pray: