diff --git a/helm/aws-load-balancer-controller/README.md b/helm/aws-load-balancer-controller/README.md index 2c5e8b7fd..a86383dba 100644 --- a/helm/aws-load-balancer-controller/README.md +++ b/helm/aws-load-balancer-controller/README.md @@ -223,6 +223,7 @@ The default values set by the application itself can be confirmed [here](https:/ | `ingressMaxConcurrentReconciles` | Maximum number of concurrently running reconcile loops for ingress | None | | `logLevel` | Set the controller log level - info, debug | None | | `metricsBindAddr` | The address the metric endpoint binds to | "" | +| `webhookConfig.disableIngressValidation` | Disables the validation of resources of kind Ingress | None | | `webhookBindPort` | The TCP port the Webhook server binds to | None | | `webhookTLS.caCert` | TLS CA certificate for webhook (auto-generated if not provided) | "" | | `webhookTLS.cert` | TLS certificate for webhook (auto-generated if not provided) | "" | diff --git a/helm/aws-load-balancer-controller/templates/webhook.yaml b/helm/aws-load-balancer-controller/templates/webhook.yaml index 666770d0d..504f08ccb 100644 --- a/helm/aws-load-balancer-controller/templates/webhook.yaml +++ b/helm/aws-load-balancer-controller/templates/webhook.yaml @@ -181,6 +181,7 @@ webhooks: resources: - targetgroupbindings sideEffects: None +{{- if not $.Values.webhookConfig.disableIngressValidation }} - clientConfig: {{ if not $.Values.enableCertManager -}} caBundle: {{ $tls.caCert }} @@ -205,6 +206,7 @@ webhooks: resources: - ingresses sideEffects: None +{{- end }} --- {{- if not $.Values.enableCertManager }} apiVersion: v1 diff --git a/helm/aws-load-balancer-controller/values.yaml b/helm/aws-load-balancer-controller/values.yaml index 96e0466e1..34eddf3b2 100644 --- a/helm/aws-load-balancer-controller/values.yaml +++ b/helm/aws-load-balancer-controller/values.yaml @@ -201,6 +201,10 @@ logLevel: # The address the metric endpoint binds to. (default ":8080") metricsBindAddr: "" +webhookConfig: + # disableIngressValidation disables the validation of resources of kind Ingress, false by default + disableIngressValidation: + # The TCP port the Webhook server binds to. (default 9443) webhookBindPort: