Skip to content

fix: validating/mutating webhook networkpolicies and mtls#192

Merged
mjnagel merged 3 commits intomainfrom
fix-webhooks
Feb 20, 2024
Merged

fix: validating/mutating webhook networkpolicies and mtls#192
mjnagel merged 3 commits intomainfrom
fix-webhooks

Conversation

@mjnagel
Copy link
Copy Markdown
Contributor

@mjnagel mjnagel commented Feb 20, 2024

Description

Adds the proper ingress rules to the webhooks and PERMISSIVE mTLS to allow calls to operate as expected. Validated by turning the webhook failure policies to Fail and applying CRs. The fix applied is similar to the approach taken with metrics-server, and can be re-evaluated as a generated rule instead of Anywhere in the future.

Related Issue

Related to #149 (not a solve for it, but would also be modified by that issue)

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Other (security config, docs update, etc)

Checklist before merging

@mjnagel mjnagel self-assigned this Feb 20, 2024
@mjnagel mjnagel marked this pull request as ready for review February 20, 2024 21:06
MxNxPx
MxNxPx approved these changes Feb 20, 2024
View reviewed changes
Copy link
Copy Markdown
Contributor

@MxNxPx MxNxPx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚢 🇮🇹

@mjnagel mjnagel merged commit b01e629 into main Feb 20, 2024
@mjnagel mjnagel deleted the fix-webhooks branch February 20, 2024 21:54
@github-actions github-actions Bot mentioned this pull request Feb 20, 2024
Merged
mjnagel added a commit that referenced this pull request Feb 20, 2024
@github-actions @mjnagel
chore(main): release 0.13.0 (#170)
09c9447 
🤖 I have created a release *beep* *boop*
---


##
[0.13.0](v0.12.0...v0.13.0)
(2024-02-20)


### Features

* add authservice to uds-core
([#153](#153))
([b0b33b9](b0b33b9))


### Bug Fixes

* validating/mutating webhook networkpolicies and mtls
([#192](#192))
([b01e629](b01e629))


### Miscellaneous

* add security.md
([#189](#189))
([bf7c1d2](bf7c1d2))
* **deps:** update githubactions
([#179](#179))
([7797e25](7797e25))
* **deps:** update githubactions to ebc4d7e
([#183](#183))
([77357e7](77357e7))
* **deps:** update githubactions to v3
([#181](#181))
([70c5ddf](70c5ddf))
* **deps:** update istio to v1.20.3
([#163](#163))
([e45de0e](e45de0e))
* **deps:** update loki to v5.43.0
([#180](#180))
([bab5f7a](bab5f7a))
* **deps:** update loki to v5.43.1
([#182](#182))
([6cc5fc7](6cc5fc7))
* **deps:** update loki to v5.43.2
([#191](#191))
([0ec0cd4](0ec0cd4))
* **deps:** update pepr to v0.25.0
([#164](#164))
([e7b8212](e7b8212))
* **deps:** update uds to v0.9.0
([#173](#173))
([b91a90d](b91a90d))
* **deps:** update zarf to v0.32.3
([#155](#155))
([2f0a1a7](2f0a1a7))
* support deselection of metrics-server
([#193](#193))
([289a0fe](289a0fe))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Micah Nagel <micah.nagel@defenseunicorns.com>
mjnagel added a commit to BagelLab/uds-core that referenced this pull request Nov 14, 2025
@mjnagel
fix: validating/mutating webhook networkpolicies and mtls (defenseuni…
1c0d417 
…corns#192)

## Description

Adds the proper ingress rules to the webhooks and PERMISSIVE mTLS to
allow calls to operate as expected. Validated by turning the webhook
failure policies to Fail and applying CRs. The fix applied is similar to
the approach taken with metrics-server, and can be re-evaluated as a
generated rule instead of Anywhere in the future.

## Related Issue

Related to defenseunicorns#149 (not a
solve for it, but would also be modified by that issue)

## Type of change

- [x] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Other (security config, docs update, etc)

## Checklist before merging

- [x] Test, docs, adr added or updated as needed
- [x] [Contributor Guide
Steps](https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md)(https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md#submitting-a-pull-request)
followed
mjnagel added a commit to BagelLab/uds-core that referenced this pull request Nov 14, 2025
@github-actions @mjnagel
chore(main): release 0.13.0 (defenseunicorns#170)
508a7bb 
🤖 I have created a release *beep* *boop*
---


##
[0.13.0](defenseunicorns/uds-core@v0.12.0...v0.13.0)
(2024-02-20)


### Features

* add authservice to uds-core
([defenseunicorns#153](defenseunicorns#153))
([b0b33b9](defenseunicorns@b0b33b9))


### Bug Fixes

* validating/mutating webhook networkpolicies and mtls
([defenseunicorns#192](defenseunicorns#192))
([b01e629](defenseunicorns@b01e629))


### Miscellaneous

* add security.md
([defenseunicorns#189](defenseunicorns#189))
([bf7c1d2](defenseunicorns@bf7c1d2))
* **deps:** update githubactions
([defenseunicorns#179](defenseunicorns#179))
([7797e25](defenseunicorns@7797e25))
* **deps:** update githubactions to ebc4d7e
([defenseunicorns#183](defenseunicorns#183))
([77357e7](defenseunicorns@77357e7))
* **deps:** update githubactions to v3
([defenseunicorns#181](defenseunicorns#181))
([70c5ddf](defenseunicorns@70c5ddf))
* **deps:** update istio to v1.20.3
([defenseunicorns#163](defenseunicorns#163))
([e45de0e](defenseunicorns@e45de0e))
* **deps:** update loki to v5.43.0
([defenseunicorns#180](defenseunicorns#180))
([bab5f7a](defenseunicorns@bab5f7a))
* **deps:** update loki to v5.43.1
([defenseunicorns#182](defenseunicorns#182))
([6cc5fc7](defenseunicorns@6cc5fc7))
* **deps:** update loki to v5.43.2
([defenseunicorns#191](defenseunicorns#191))
([0ec0cd4](defenseunicorns@0ec0cd4))
* **deps:** update pepr to v0.25.0
([defenseunicorns#164](defenseunicorns#164))
([e7b8212](defenseunicorns@e7b8212))
* **deps:** update uds to v0.9.0
([defenseunicorns#173](defenseunicorns#173))
([b91a90d](defenseunicorns@b91a90d))
* **deps:** update zarf to v0.32.3
([defenseunicorns#155](defenseunicorns#155))
([2f0a1a7](defenseunicorns@2f0a1a7))
* support deselection of metrics-server
([defenseunicorns#193](defenseunicorns#193))
([289a0fe](defenseunicorns@289a0fe))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Micah Nagel <micah.nagel@defenseunicorns.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MxNxPx MxNxPx MxNxPx approved these changes

Assignees

@mjnagel mjnagel

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mjnagel @MxNxPx