gatekeeper Change chart to only set matchConditions on webhooks when the value parameter is not empty

Change chart to only set matchConditions on webhooks when the value parameter is not empty

Open martijnvdp opened this issue 1 month ago • 1 comments

Describe the solution you'd like

would be nice if the following statements only set this matchConditions if the value .Values.validatingWebhookMatchConditions is not [] empty

kind: ValidatingWebhookConfiguration
  {{- if ge (int .Capabilities.KubeVersion.Minor) 28 }}
  matchConditions: {{ toYaml .Values.validatingWebhookMatchConditions | nindent 4 }}
  {{- end }}

due a bug in argocd i am getting an error in argocd due this new setting:

Failed to compare desired state to live state: failed to perform pre-diff normalization: error building typed results: error creating typedConfig: .webhooks[name="validation.gatekeeper.sh"].matchConditions: field not declared in schema

see issue: https://github.com/argoproj/gitops-engine/issues/558

but i'm not even using this parameter so as a workaround it would be nice if the chart left this parameter out when .values.validatingWebhookMatchConditions : [] same for mutatingWebhookMatchConditions

Anything else you would like to add: [Miscellaneous information that will assist in solving the issue.]

Environment:

Gatekeeper version: 3.16.3
Kubernetes version: 1.28
Argo v2.10.1+a79e0ea

Jun 03 '24 12:06 martijnvdp

gatekeeper gatekeeper copied to clipboard

Change chart to only set matchConditions on webhooks when the value parameter is not empty

gatekeeper
gatekeeper copied to clipboard