-
Notifications
You must be signed in to change notification settings - Fork 762
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support external secrets for service tokens and the xsrf key #1372
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Shengwen Yu <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
…redentials.password (#1123) Signed-off-by: Dmitry Sergeev <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Update database-ss.yaml syntax correction Signed-off-by: tsoni <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Update README accordingly Signed-off-by: Michele Azzolari <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
The job will migrate database before upgrade Add settings of enableMigrateHelmHook to helm chart Update readme.md to add the enableMigrateHelmHook option Signed-off-by: stonezdj <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
… README tables and values.yaml Signed-off-by: Jesper Axelsen <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
According to the ingress specification [1], the longest matching path should be used. But for Istio, "The first rule matching an incoming request is used" [2,3]. [1]: https://kubernetes.io/docs/concepts/services-networking/ingress/#multiple-matches [2]: https://istio.io/latest/docs/reference/config/networking/virtual-service/#VirtualService [3]: istio/istio#35033 Fixes: #485 Signed-off-by: Mathieu Parent <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: chlins <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: Shengwen Yu <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Corrects the comment mistake in the Jaeger support mode that has the `agent` and `collector` mode description the wrong way around. Signed-off-by: ChrisJBurns <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: Jerry Jones <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: Shengwen Yu <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: Tom OBrien <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: Christophe Jauffret <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: Domonkos Cinke <[email protected]> Signed-off-by: Domonkos Cinke <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: Domonkos Cinke <[email protected]> Signed-off-by: Domonkos Cinke <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: Domonkos Cinke <[email protected]> Signed-off-by: Domonkos Cinke <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: James Glennan <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: chlins <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: Cong Ha Minh <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: Shengwen Yu <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: Shengwen Yu <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: Shengwen Yu <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: hongbo.mo <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: Shengwen Yu <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
fix: Registry secret value path fix: Secret usage Signed-off-by: David Sabatie <[email protected]> Signed-off-by: David Sabatie <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: David Sabatie <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: David Sabatie <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: David Sabatie <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: David Sabatie <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: David Sabatie <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: David Sabatie <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Change PASSWORD to password in readme for database existing secret Signed-off-by: David Sabatie <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: Curt Cunning <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: yminer <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: Aleksy Zalenski <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: Ivan Aguilar <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: yminer <[email protected]> fix external redis url Signed-off-by: yminer <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Add secret env to job when database external secret is used Signed-off-by: Cong Ha Minh <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Update the diagram Add the redis sentinel support Signed-off-by: stonezdj <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
…_SECURITY_CHECKS Signed-off-by: Shengwen Yu <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Add missing environment variable to registry container - only happens when using existingSecret for Azure imageChartStorage Signed-off-by: Raul Garcia Sanchez <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
New values allow to configure timeoutSeconds in livenessProbe/readinessProbe .database.internal.livenessProbe.timeoutSeconds .database.internal.readinessProbe.timeoutSeconds Default values (1 second) unchanged if parameters are not set. Signed-off-by: Peter Englmaier <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: Peter Englmaier <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Add JFrog Artifactory As Supported Proxy-Cache Registry Source Signed-off-by: Derrik Campau <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Support value `f5-bigip` for `expose.ingress.controller`. Ingresses like F5 BIG-IP are external to the cluster, so Services used by them must be exposed as type `NodePort`. Signed-off-by: Jake Yip <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
According to [Harbor config](https://github.com/goharbor/harbor/blob/main/src/lib/config/metadata/metadatalist.go#L182), OTEL timeout has to be set as int. Signed-off-by: Sylvain Desbureaux <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
…aws-load-balancer controller Signed-off-by: Jon Beilke <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: Lionel Nicolas <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Instead of setting the admin password via a parameter in the helm chart, provide the ability to give it via an existing secret. Signed-off-by: Sylvain Desbureaux <[email protected]> Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: Daren Desjardins <[email protected]>
Signed-off-by: Daren Desjardins <[email protected]>
Replaced with #1373 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add support for using external/existing secrets for the following keys: