},
		config.HelpKV{
			Key:             config.LoggerWebhookSubSys,
			Description:     "send server logs to webhook endpoints",
			MultipleTargets: true,
		},
		config.HelpKV{
			Key:             config.AuditWebhookSubSys,
			Description:     "send audit logs to webhook endpoints",
			MultipleTargets: true,
		},
		config.HelpKV{
			Key:             config.AuditKafkaSubSys,

		LabelSelector: "app=sidecar-injector,istio.io/rev=default,istio.io/tag=default",
	})
	if err != nil {
		return err
	}
	// If there is no default webhook but a revisioned default webhook exists,
	// and we are installing a new IOP with default semantics, the default webhook shifts.
	if exists && len(mwhs.Items) == 0 && iop.Spec.GetRevision() == "" {

Das liegt daran, dass erwartet wird, dass **Ihre Benutzer** den tatsächlichen **URL-Pfad**, an dem diese den Webhook-Request empfangen möchten, auf andere Weise definieren (z. B. über ein Web-Dashboard).

### Es in der Dokumentation ansehen

		},
		config.HelpKV{
			Key:         target.WebhookClientCert,
			Description: "client cert for Webhook mTLS auth",
			Optional:    true,
			Type:        "string",
			Sensitive:   true,
		},
		config.HelpKV{
			Key:         target.WebhookClientKey,
			Description: "client cert key for Webhook mTLS auth",
			Optional:    true,
			Type:        "string",
			Sensitive:   true,
		},
	}

		writeCustomErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrAdminConfigBadJSON), err.Error(), r.URL)
		return
	}

	// Check if subnet proxy being deleted and if so the value of proxy of subnet
	// target of logger webhook configuration also should be deleted
	loggerWebhookProxyDeleted := setLoggerWebhookSubnetProxy(subSys, cfg)

	if err = saveServerConfig(ctx, objectAPI, cfg); err != nil {

		return fmt.Errorf("failed to apply tag webhook MutatingWebhookConfiguration to cluster: %v", err)
	}
	fmt.Fprintf(w, tagCreatedStr, tagName, revision, tagName)
	return nil
}

func analyzeWebhook(name, istioNamespace, wh, revision string, config *rest.Config) error {
	sa := local.NewSourceAnalyzer(analysis.Combine("webhook", &webhook.Analyzer{}), "", resource.Namespace(istioNamespace), nil)

{{- /* Core defines the common configuration used by all webhook segments */}}
{{/* Copy just what we need to avoid expensive deepCopy */}}
{{- $whv := dict
 "revision" .Values.revision
  "injectionPath" .Values.istiodRemote.injectionPath
  "injectionURL" .Values.istiodRemote.injectionURL
  "reinvocationPolicy" .Values.sidecarInjectorWebhook.reinvocationPolicy
  "caBundle" .Values.istiodRemote.injectionCABundle
  "namespace" .Release.Namespace }}

enable the integration of custom authentication methods, MinIO can be configured with an Identity Management Plugin webhook. When configured, this plugin enables the `AssumeRoleWithCustomToken` STS API extension. A user or application can now present a token to the `AssumeRoleWithCustomToken` API, and MinIO verifies this token by sending it to the Identity Management Plugin webhook. This plugin responds with some information and MinIO is able to generate temporary STS credentials to interact with...

}

// DefaultLambdaKVS - default notification list of kvs.
var (
	DefaultLambdaKVS = map[string]config.KVS{
		config.LambdaWebhookSubSys: DefaultWebhookKVS,
	}
)

// DefaultWebhookKVS - default KV for webhook config
var (
	DefaultWebhookKVS = config.KVS{
		config.KV{
			Key:   config.Enable,
			Value: config.EnableOff,
		},
		config.KV{
			Key:   target.WebhookEndpoint,
			Value: "",
		},

  namespace: {{ .Release.Namespace }}
subsets:
- addresses:
  - ip: {{ .Values.global.remotePilotAddress }}
  ports:
  - port: 15012
    name: tcp-istiod
    protocol: TCP
  - port: 15017
    name: tcp-webhook
    protocol: TCP
---