Add custom CA support to kspm-admission-controller container

charts/admission-controller/templates/webhook/deployment.yaml

@@ -64,6 +64,10 @@ spec:
             - name: NO_PROXY
               value: {{ include "webhook.noProxy" . }},{{ include "admissionController.scanner.fullname" . }}
             {{- end }}
+            {{- if or .Values.webhook.ssl.ca.cert (eq (include "sysdig.custom_ca.enabled"  (dict "global" .Values.global.ssl "component" .Values.webhook.ssl)) "true") }}
+            - name: SSL_CERT_DIR
+              value: /ca-certs
+            {{- end }}
           ports:
             - containerPort: {{ .Values.webhook.v2.http.port }}
               protocol: TCP
@@ -78,6 +82,11 @@ spec:
             - name: configs
               mountPath: /configs
               readOnly: true
+            {{- if or .Values.webhook.ssl.ca.cert (eq (include "sysdig.custom_ca.enabled"  (dict "global" .Values.global.ssl "component" .Values.webhook.ssl)) "true") }}
+            - name: ca-cert
+              mountPath: /ca-certs
+              readOnly: true
+            {{- end }}
           resources:
             {{- toYaml .Values.webhook.resources | nindent 12 }}
       {{- end}}
@@ -109,6 +118,8 @@ spec:
             {{- end }}
           imagePullPolicy: {{ .Values.webhook.image.pullPolicy | default .Values.global.image.pullPolicy }}
           env:
+            - name: foo
+              value: bar
             {{- if (or (include "webhook.httpProxy" .) (include "webhook.httpsProxy" .) (include "webhook.noProxy" .) )}}
             - name: HTTP_PROXY
               value: {{ include "webhook.httpProxy" . }}