Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for spire-controller-manager to appmesh-spire-server #904

Closed
wants to merge 1 commit into from
Closed

Add support for spire-controller-manager to appmesh-spire-server #904

wants to merge 1 commit into from

Conversation

egkelly
Copy link
Contributor

@egkelly egkelly commented Feb 22, 2023
edited
Loading

Issue

appmesh-spire-server #895

Description of changes

  • Add optional spire-controller-manager to appmesh-spire-server for dynamic workload registration
  • Add ability to configure cluster name in appmesh-spire-server and appmesh-spire-agent
  • Bump helm chart version and add documentation

Checklist

  • Added/modified documentation as required (such as the README.md for modified charts)
  • Incremented the chart version in Chart.yaml for the modified chart(s)
  • Manually tested. Describe what testing was done in the testing section below
  • Make sure the title of the PR is a good description that can go into the release notes

Testing

Installed helm chart to my local cluster to verify spire-server and spire-controller-manager both work in tandem

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

EdwardXF
EdwardXF reviewed Feb 23, 2023
View reviewed changes
stable/appmesh-spire-server/values.yaml
@@ -42,9 +42,18 @@ rbac:
# rbac.create: `true` if rbac resources should be created
create: true

spireControllerManager:
enabled: true
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This default value should be set to false

EdwardXF
EdwardXF reviewed Feb 23, 2023
View reviewed changes
stable/appmesh-spire-server/values.yaml
repository: ghcr.io/spiffe/spire-controller-manager
tag: 0.2.1
pullPolicy: IfNotPresent
ignoreNamespaces: [ kube-system, kube-public, spire ]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The appmesh-system namespace should be also ignored

@EdwardXF
Copy link
Contributor

I noticed that this controller is still in pre-prod stage. We cannot approve this PR for now due to security concerns but thanks for contributing!

@EdwardXF EdwardXF closed this Feb 23, 2023
@egkelly
Copy link
Contributor Author

egkelly commented Feb 23, 2023

Makes sense, I'll keep an eye on that project if they ever move it into prod. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@EdwardXF EdwardXF EdwardXF left review comments

@bwagner5 bwagner5 Awaiting requested review from bwagner5

@kishorj kishorj Awaiting requested review from kishorj

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@egkelly @EdwardXF