An option to set the webhook's annotations default valuesΒ #157
Description
Preflight Checklist
- I have searched the issue tracker for an issue that matches the one I want to file, without success.
- I agree to follow the Code of Conduct.
Problem Description
Hello there!
I recently encountered a problem where a 3rd party service attempted to reference a Kubernetes secret value defined in the webhook format (e.g. vault:secret/...) and failed to do so due to an internal Secrets Webhook error while performing Kubernetes auth. Surely, the error related to a 3rd party service was missing Secrets Webhook annotations due to its limited configuration options, and therefore default vault settings were used, namely vault-skip-verify: false and vault-add: https://vault:8200. There's no way for me to work around this issue since my vault cluster is installed into a dedicated vault namespace and I'm not using TLS.
Proposed Solution
I'd like to see the webhook expose additional configuration options (Helm values) to set defaults for the values used in place of absent annotations. Namely, I'd like to set the default values of VAULT_ADDR and VAULT_SKIP_VERIFY envs at the webhook installation time and use it thereupon.
Thanks.
Alternatives Considered
No response
Additional Information
No response