Giant Swarm Control Plane admission controller for Azure that implements the following rules:
- Check for TC upgrades to avoid skipping major or minor releases.
The certificates for the webhook are created with CertManager and injected through the CA Injector.
Team Phoenix
See docs/mutating.md and docs/validating.md
Testing the azure-admission-controller in a kind cluster on your local machine:
kind create cluster
# Build a linux image
CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build .
docker build . -t azure-admission-controller:dev
kind load docker-image azure-admission-controller:dev
# Make sure the Custom Resource Definitions are in place
opsctl ensure crds -k "$(kind get kubeconfig)" -p azure
# Insert the certificate
kubectl apply --context kind-kind -f local_dev/certmanager.yml
## Wait until certmanager is up
kubectl apply --context kind-kind -f local_dev/clusterissuer.yml
helm template azure-admission-controller -f helm/azure-admission-controller/ci/default-values.yaml helm/azure-admission-controller > local_dev/deploy.yaml
## Replace image name with azure-admission-controller:dev
kubectl apply --context kind-kind -f local_dev/deploy.yaml
kind delete cluster
See Releases
- Bugs: issues
- Please visit https://www.giantswarm.io/responsible-disclosure for information on reporting security issues.
See CONTRIBUTING for details on submitting patches, the contribution workflow as well as reporting bugs.
See docs/Release.md
See docs/webhook.md
See docs/tests.md