Webhook resources are hard to sort in the general case :(
MutatingWebhookConfiguration resources potentially have side effects
on following objects, and thus are inherently not declarative.
More practically, MutatingWebhookConfiguration and
ValidatingWebhookConfiguration may refer to in-cluster services that
need to be operationational before the Webhook is configured.
This change sorts {Mutating,Validating}WebhookConfiguration
resources last, when creating/updating.
Note that (because it is sorted last) the webhook will not have
affects on other objects in the same kubecfg run. It is thus up to
the config author to anticipate this and separately ensure the
resources are valid (ValidatingWebhook) or independently apply any
required transformations (MutatingWebhook). An alternative is to
externally force resource ordering by invoking kubecfg more than
once with each "phase" of configuration.
Webhook resources are hard to sort in the general case :(
MutatingWebhookConfigurationresources potentially have side effects on following objects, and thus are inherently not declarative.More practically,
MutatingWebhookConfigurationandValidatingWebhookConfigurationmay refer to in-cluster services that need to be operationational before the Webhook is configured.This change sorts
{Mutating,Validating}WebhookConfigurationresources last, when creating/updating.Note that (because it is sorted last) the webhook will not have affects on other objects in the same
kubecfgrun. It is thus up to the config author to anticipate this and separately ensure the resources are valid (ValidatingWebhook) or independently apply any required transformations (MutatingWebhook). An alternative is to externally force resource ordering by invokingkubecfgmore than once with each "phase" of configuration.