From f6e40b5dd11723716b7b1e3622284a722d845203 Mon Sep 17 00:00:00 2001
From: Prateek Pandey <prateekpandey14@gmail.com>
Date: Tue, 28 Dec 2021 19:52:52 +0530
Subject: [PATCH] feat(validation): support for ephemeral containers (#2875)

Signed-off-by: prateekpandey14 <prateekpandey14@gmail.com>
---
 go.mod                             | 2 +-
 pkg/webhookconfig/configmanager.go | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/go.mod b/go.mod
index 3a1b2d8a57..d8b6e2200c 100644
--- a/go.mod
+++ b/go.mod
@@ -54,7 +54,7 @@ require (
 )
 
 require (
-	github.com/aquilax/truncate v1.0.0 // indirect
+	github.com/aquilax/truncate v1.0.0
 	github.com/blang/semver/v4 v4.0.0
 	github.com/opencontainers/image-spec v1.0.2 // indirect
 	gopkg.in/inf.v0 v0.9.1
diff --git a/pkg/webhookconfig/configmanager.go b/pkg/webhookconfig/configmanager.go
index c8563b9414..58700b6e9a 100644
--- a/pkg/webhookconfig/configmanager.go
+++ b/pkg/webhookconfig/configmanager.go
@@ -736,6 +736,10 @@ func (m *webhookConfigManager) mergeWebhook(dst *webhook, policy *kyverno.Cluste
 		rsrcs = append(rsrcs, gvr.Resource)
 	}
 
+	if utils.ContainsString(rsrcs, "pods") {
+		rsrcs = append(rsrcs, "pods/ephemeralcontainers")
+	}
+
 	dst.rule[apiGroups] = removeDuplicates(groups)
 	dst.rule[apiVersions] = removeDuplicates(versions)
 	dst.rule[resources] = removeDuplicates(rsrcs)