From b9d88f74edc463dc14ef52135c592fbb6bd5c792 Mon Sep 17 00:00:00 2001 From: Martin Date: Wed, 18 Sep 2024 11:55:12 -0700 Subject: [PATCH] tools.kata-webhook: Specify runtime class using configMap The kata webhook requires a configmap to define what runtime class it should set for the newly created pods. Additionally, the configmap allows others to modify the default runtime class name we wish to set (in case the handler is kata but the name of the runtimeclass is different). Finally, this PR changes the webhook-check to compare the runtime of the newly created pod against the specific runtime class in the configmap, if said confimap doesn't exist, then it will default to "kata". Signed-off-by: Martin --- tools/testing/kata-webhook/deploy/webhook.yaml | 7 +++++++ tools/testing/kata-webhook/webhook-check.sh | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/tools/testing/kata-webhook/deploy/webhook.yaml b/tools/testing/kata-webhook/deploy/webhook.yaml index 07e8a57a2b..efd7d8225a 100644 --- a/tools/testing/kata-webhook/deploy/webhook.yaml +++ b/tools/testing/kata-webhook/deploy/webhook.yaml @@ -67,3 +67,10 @@ spec: targetPort: 8080 selector: app: pod-annotate-webhook +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: kata-webhook +data: + runtime_class: kata diff --git a/tools/testing/kata-webhook/webhook-check.sh b/tools/testing/kata-webhook/webhook-check.sh index f13177a423..081e72f556 100755 --- a/tools/testing/kata-webhook/webhook-check.sh +++ b/tools/testing/kata-webhook/webhook-check.sh @@ -16,7 +16,7 @@ source "${webhook_dir}/common.bash" readonly hello_pod="hello-kata-webhook" # The Pod RuntimeClassName for Kata Containers. -RUNTIME_CLASS="${RUNTIME_CLASS:-"kata"}" +RUNTIME_CLASS="${RUNTIME_CLASS:-$(kubectl get configmap kata-webhook -o jsonpath='{.data.runtime_class}' 2>/dev/null || echo "kata")}" cleanup() { {