I am trying to move our app deployment to helm and facing a obstacle with injecting istio in it. We do not have namespaces wide istio enabled, so have to inject only for specfic apps. Tried googling and nothing came up. Did anyone came through this issue.
So far, we was running a shell script directly through ansible for injecting and deploying the app which cannot be used with helm.
I am not Istio expert but what i have found:
1 - Installing the Sidecar/More control, it can be helpful in this case to reuse specific helm labels:
policy: enabled
neverInjectSelector:
- matchExpressions:
- {key: openshift.io/build.name, operator: Exists}2 - Dynamic Admission Webhooks in order to change the default settings during deployments,
3 - Helm templating customization + annotation, posprocessing (labeling),
annotations:
sidecar.istio.io/inject: "true"4 - Helm Inject Plugin,
Please let me know if it helped.