I've been testing the solution with several webhook configurations we have, and the actual solution creates a new server for each config, which could cause some issues:
- Port collisions
- Ports not being accessible, as those need to be exposed
Proposal
I would suggest that reloader exposes only 1 server for the webhook sources and then, based on the path for each config, reloader processes or skips configurations.
The webhook configuration would only require the `secretIdentifierOnPayload` and use a configurable path and port.
Example
```yaml
---
apiVersion: reloader.external-secrets.io/v1alpha1
kind: Config
metadata:
  name: webhook-to-external-secrets-from-keeper
spec:
  notificationSources:
    - type: Webhook
      webhook:
        secretIdentifierOnPayload: record_uid
---
apiVersion: reloader.external-secrets.io/v1alpha1
kind: Config
metadata:
  name: webhook-to-external-secrets-from-xxx
spec:
  notificationSources:
    - type: Webhook
      webhook:
        secretIdentifierOnPayload: data.0.uid
```
If a payload comes in with an existing path `record_uid`, then it only processes the `webhook-to-external-secrets-from-keeper` and skips the other one.
What do you think? Let me know your thoughts, I'm willing to contribute to it...
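
One way the single-server dispatch proposed above could select configs, as an added Go example that is not code from the reloader project. `WebhookConfig`, `lookup` and `Dispatch` are hypothetical names, and the dot-path semantics (numeric segments index arrays) are an assumption based on the `data.0.uid` example.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strconv"
	"strings"
)

// WebhookConfig is a hypothetical stand-in for one Config from the issue.
type WebhookConfig struct{ Name, SecretIdentifierOnPayload string }

// lookup walks a dot path such as "data.0.uid"; only a non-empty string is a hit.
func lookup(v any, path string) (string, bool) {
	for _, seg := range strings.Split(path, ".") {
		switch node := v.(type) {
		case map[string]any:
			v = node[seg] // a missing key yields nil, which is rejected below
		case []any:
			i, err := strconv.Atoi(seg)
			if err != nil || i < 0 || i >= len(node) {
				return "", false
			}
			v = node[i]
		default:
			return "", false
		}
	}
	s, ok := v.(string)
	return s, ok && s != ""
}

// Dispatch maps config name -> secret identifier for each config whose path resolves.
func Dispatch(body []byte, configs []WebhookConfig) (map[string]string, error) {
	var payload any
	if err := json.Unmarshal(body, &payload); err != nil {
		return nil, fmt.Errorf("invalid JSON payload: %w", err)
	}
	matched := map[string]string{}
	for _, c := range configs {
		if id, ok := lookup(payload, c.SecretIdentifierOnPayload); ok {
			matched[c.Name] = id
		}
	}
	return matched, nil
}

func main() { // constructed payload for a stand-alone run
	fmt.Println(Dispatch([]byte(`{"record_uid":"abc"}`), []WebhookConfig{{"keeper", "record_uid"}}))
}
```

Because a config is selected purely by payload shape, a payload that contains both paths matches both configs, so with this approach sender authentication would have to happen before dispatch rather than per config.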