Skip to content

[release-1.28] Add new network policy for ingress controller webhook#5510

Merged
brandond merged 1 commit intorancher:release-1.28from
brandond:allow-ingress-webhook_release-1.28
Feb 22, 2024
Merged

[release-1.28] Add new network policy for ingress controller webhook#5510
brandond merged 1 commit intorancher:release-1.28from
brandond:allow-ingress-webhook_release-1.28

Conversation

@brandond
Copy link
Copy Markdown
Member

@brandond brandond commented Feb 21, 2024

Proposed Changes

Add new network policy for ingress controller webhook.

The ingress-nginx chart added a validating webhook a while back, but we did not have a policy that allowed access to it. Access was being allowed by the overly broad network policy that we removed in #5318.

Unfortunately we can't just add this to the existing netpol, as we document that it is not updated once the namespace annotation has been set.

Types of Changes

bugfix

Verification

See linked issue

Testing

Linked Issues

User-Facing Change

Further Comments

@brandond
Add new network policy for ingress controller webhook
3ed5386 
Unfortunately we can't just add this to the existing netpol, as we document that it is not updated once the namespace annotation has been set.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
@brandond brandond requested a review from a team as a code owner February 21, 2024 23:18
@brandond brandond merged commit f9eb7ba into rancher:release-1.28 Feb 22, 2024
@brandond brandond deleted the allow-ingress-webhook_release-1.28 branch June 6, 2024 23:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@briandowns briandowns briandowns approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@brandond @briandowns