Add possibility to set initContainer "setup-ca-certs" resources #120
Comments
|
Looks like there is not much activity here, so I went ahead and opened a PR. I hope someone can have a look at it: #121 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently there is no way to modify the manifest of the initContainer that injects the Certificates. We use both ResourceQuotas and OPA Gatekeeper rules that prevents from creating the Pod if the initContainer lacks resource requests and limits. We would really like to avoid using a limitRanger in all our namespaces as this will have other implications, as we want to make users aware they need to configure resource settings and not silently just add a default resource for all containers in a namespace.
I suggest we add the possibility to configure this on the initContainer object via environment variable here: https://github.com/vmware-tanzu/cert-injection-webhook/blob/main/pkg/certinjectionwebhook/admission_controller.go#L227-L248
I do have a branch ready for this, but according to the CONTRIBUTION docs I was suppose to open an issue before opening the Pull request. So here it is :)
08fc149
The text was updated successfully, but these errors were encountered: