VolumeGroupSnapshots are still in alpha.
This commit adds cmdline args to enable group snapshot
webhooks while keeping it disbaled by default.
Signed-off-by: Rakshith R <rakshith.r.0001@gmail.com>
The YAML Specification requires three daashes `---` as marker for the
start of a content block. That means, each YAML file needs to start with
`---` on the first line (or after initial comments).
See-also: https://yaml.org/
Since 4f783f10f added validation for `volumesnapshotclasses`, the
`snapshot-validation-webhook` needs to handle this kind of resource. But
version 5.0.1 doesn't, which leads to failures when updating or creating
`volumesnapshotclasses`.
This commit updates the `snapshot-validation-webhook` version to 6.0.1 in
`deploy/kubernetes/webhook-example/admission-configuration-template`.
Signed-off-by: Benoît Knecht <bknecht@protonmail.ch>
https://github.com/kubernetes/enhancements/blob/master/keps/sig-storage/177-volume-snapshot/tighten-validation-webhook-crd.md
1. Ratcheting validation webhook server image
2. Controller labels invalid objects
3. Unit tests for webhook
4. Deployment README and example deployment method with certs
5. Update top-level README
Racheting validation:
1. webhook is strict on create
2. webhook is strict on updates where the existing object passes strict validation
3. webhook is relaxed on updates where the existing object fails strict validation (allows finalizer removal, status update, deletion, etc)
Additionally the validating wehook server will perform immutability
checks on scenario 2 above.
