add note ClusterClass compatibility info to validating webhooks section

kubernetes-sigs · Jul 8, 2022 · b041acb · b041acb
1 parent 7b9e12f
commit b041acb
Showing 1 changed file with 16 additions and 1 deletion.
diff --git a/docs/book/src/developer/providers/webhooks.md b/docs/book/src/developer/providers/webhooks.md
@@ -5,6 +5,21 @@ Cluster API provides support for three kinds of webhooks: validating webhooks, d
 ## Validating webhooks
 Validating webhooks are an implementation of a [Kubernetes validating webhook](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#validatingadmissionwebhook). A validating webhook allows developers to test whether values supplied by users are valid. e.g. [the Cluster webhook] ensures the Infrastructure reference supplied at the Cluster's `.spec.infrastructureRef` is in the same namespace as the Cluster itself and rejects the object creation or update if not.
 
+<aside class="note">
+
+<h1> ClusterClass and managed topology support in validating webhooks </h1>
+
+Validating webhooks implemented for a `InfrastructureMachineTemplate` or `BootstrapConfigTemplate` resource
+are required to not block due to immutability checks when the controller for managed
+topology and ClusterClass does [Server Side Apply] dry-run requests.
+
+See [the DockerMachineTemplate webhook] as a reference for a compatible implementation.
+
+[Server Side Apply]: https://kubernetes.io/docs/reference/using-api/server-side-apply/
+[the DockerMachineTemplate webhook]: https://github.com/kubernetes-sigs/cluster-api/blob/main/test/infrastructure/docker/api/v1beta1/dockermachinetemplate_webhook.go
+
+</aside>
+
 ## Defaulting webhooks
 Defaulting webhooks are an implementation of a [Kubernetes mutating webhook](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#mutatingadmissionwebhook). A defaulting webhook allows developers to set default values for a type before they are placed in the Kubernetes data store. e.g. [the Cluster webhook] will set the Infrastructure reference namespace to equal the Cluster namespace if `.spec.infrastructureRef.namespace` is empty.
 
@@ -35,4 +50,4 @@ type Cluster struct {
 A detailed guide on the purpose of each of these tags is [here](https://book.kubebuilder.io/reference/markers/webhook.html).
 
 <!-- links -->
-[the Cluster webhook]: https://github.com/kubernetes-sigs/cluster-api/blob/release-1.1/internal/webhooks/cluster.go
+[the Cluster webhook]: https://github.com/kubernetes-sigs/cluster-api/blob/main/internal/webhooks/cluster.go