-
-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Separate buckets for tls certs #2885
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #2885 +/- ##
=======================================
Coverage 72.94% 72.94%
=======================================
Files 264 264
Lines 10012 10012
Branches 1181 1181
=======================================
Hits 7303 7303
Misses 2367 2367
Partials 342 342
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
# Conflicts: # deploy/ansible/roles/k8s_install/defaults/main.yml
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewable status: 0 of 21 files reviewed, 1 unresolved discussion (waiting on @Github-advanced-security[bot] and @jmgrady)
maintenance/scripts/monitor.py
line 40 at r1 (raw file):
Previously, github-advanced-security[bot] wrote…
Clear-text logging of sensitive information
This expression logs sensitive data (secret) as clear text.
Done.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Dismissed @Github-advanced-security[bot] from a discussion.
Reviewable status: 0 of 21 files reviewed, all discussions resolved (waiting on @jmgrady)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewed 16 of 21 files at r1, 4 of 5 files at r2, 2 of 2 files at r3, all commit messages.
Reviewable status: complete! all files reviewed, all discussions resolved (waiting on @jmgrady)
* Update helm charts to allow separate AWS buckets for proxied TLS certificates * Prefer 'include' to 'template' in helm charts * Remove vagrant files from .gitignore * Change become:no to become:false * Remove support for `microk8s`
This PR enables the
cert-proxy-client
andcert-proxy-server
charts to manage certificates for NUCs and local installations that are stored in different S3 buckets instead of them all being in a single bucket.The client and server helm charts are changed as follows:
hostname
and abucket
attribute;cert-proxy-server
chart is a string of space-separated values of the formhostname@bucket
cert-proxy-client
chart is a string of the formhostname@bucket
monitor.py
, is updated to support the new environment variable format.This PR also makes the following "cleanup" changes:
.vagrant
from.gitignore
- vagrant has not been used on The Combine for many years.template
withinclude
in Helm chart files - see: https://stackoverflow.com/questions/71086697/how-does-template-and-include-differ-in-helmThis change is