Giant Swarm Control Plane admission controller for Azure that implements the following rules:
- Check for TC upgrades to avoid skipping major or minor releases.
The certificates for the webhook are created with CertManager and injected through the CA Injector.
Team Celestial
Testing the azure-admission-controller in a kind cluster on your local machine:
kind create cluster
# Build a linux image
CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build .
docker build . -t azure-admission-controller:dev
kind load docker-image azure-admission-controller:dev
# Make sure the Custom Resource Definitions are in place
opsctl ensure crds -k "$(kind get kubeconfig)" -p azure
# Insert the certificate
kubectl apply --context kind-kind -f local_dev/certmanager.yml
## Wait until certmanager is up
kubectl apply --context kind-kind -f local_dev/clusterissuer.yml
helm template azure-admission-controller -f helm/azure-admission-controller/ci/default-values.yaml helm/azure-admission-controller > local_dev/deploy.yaml
## Replace image name with azure-admission-controller:dev
kubectl apply --context kind-kind -f local_dev/deploy.yaml
kind delete cluster
See Releases
- Bugs: issues
- Please visit https://www.giantswarm.io/responsible-disclosure for information on reporting security issues.
See CONTRIBUTING for details on submitting patches, the contribution workflow as well as reporting bugs.
See docs/Release.md
See docs/webhook.md
See docs/tests.md