This repository has been archived by the owner on Mar 22, 2024. It is now read-only.
ingress-nginx production tests and spiffe-oidc-discovery-provider example #136
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kfox1111
requested review from
marcofranssen,
developer-guy,
dennisgove,
dfeldman,
faisal-memon and
mrsabath
as code owners
kfox1111
force-pushed
the
production-ingress-nginx
branch
from
0dc5a4d to
b0737d8
Compare
kfox1111
force-pushed
the
production-ingress-nginx
branch
from
aec2d98 to
65ef6f0
Compare
|
Rebased |
kfox1111
force-pushed
the
production-ingress-nginx
branch
from
65ef6f0 to
8eb37f6
Compare
kfox1111
force-pushed
the
production-ingress-nginx
branch
from
4942b82 to
b7d4053
Compare
marcofranssen
suggested changes
Apr 4, 2023
charts/spire/charts/spiffe-oidc-discovery-provider/templates/tests/test-connection.yaml
Outdated
Show resolved
Hide resolved
charts/spire/charts/spiffe-oidc-discovery-provider/templates/tests/test-connection.yaml
Outdated
Show resolved
Hide resolved
kfox1111
force-pushed
the
production-ingress-nginx
branch
from
f648dc6 to
a82ff7e
Compare
marcofranssen
force-pushed
the
production-ingress-nginx
branch
from
5d5349d to
89aec0c
Compare
This patch adds a production addon values file with best practices for using ingress-nginx. Signed-off-by: Kevin Fox <[email protected]>
Signed-off-by: kfox1111 <[email protected]> Co-authored-by: Marco Franssen <[email protected]>
Signed-off-by: Kevin Fox <[email protected]>
Signed-off-by: Kevin Fox <[email protected]>
Signed-off-by: Kevin Fox <[email protected]>
Signed-off-by: Kevin Fox <[email protected]>
Signed-off-by: Kevin Fox <[email protected]>
Signed-off-by: Kevin Fox <[email protected]>
edwbuck
suggested changes
Jul 27, 2023
There was a problem hiding this comment.
Some sections of this are hard to read. If we can't easily read it, odds are we will have issues maintaining it.
Please move some of the logic into _helpers.tpl for the production code. For the tests, you can put it in the header of the test file, or in a test _helpers.tpl (based on what's easier for you).
charts/spire/charts/spiffe-oidc-discovery-provider/templates/tests/test-connection.yaml
Show resolved
Hide resolved
Signed-off-by: Kevin Fox <[email protected]>
Signed-off-by: Kevin Fox <[email protected]>
Signed-off-by: Kevin Fox <[email protected]>
Signed-off-by: Kevin Fox <[email protected]>
|
@edwbuck all comments have been addressed. do you have time to take another look? |
|
@edwbuck are you OK on how the feedback was addressed? Can we move this one forward? |
Signed-off-by: kfox1111 <[email protected]>
Signed-off-by: Kevin Fox <[email protected]>
edwbuck
approved these changes
Aug 29, 2023
marcofranssen
added a commit
that referenced
this pull request
Sep 15, 2023
* 38f0af4 Add support for Vault UpstreamAuthority plugin - K8s Auth (#415) * 1aac2d4 Bump docker/login-action from 2 to 3 * 1f90867 Allow configuration of priorityClassName on spire-server statefulset (#480) * 9ad2ed5 option to configure agent sds (#479) * 693ce08 Remove ## values section from chart readms * 65d5695 Migrate to readme-generator for helm maintained by bitnami (#431) * dcc60a2 fix(charts/spire/spire-agent): podmonitor templating (#478) * 48adb88 Bump actions/checkout from 3.6.0 to 4.0.0 * d1f52d6 Bump sigstore/cosign-installer from 3.1.1 to 3.1.2 (#473) * 5273f4e Switch mysql and postgresql tests to HA Production configs (#471) * e81a59a ingress-nginx production tests and spiffe-oidc-discovery-provider example (#136) * b05175e Bump actions/checkout from 3.5.3 to 3.6.0 * 51cba5b Add customPlugins and unsupportedBuiltInPlugins sections to spire-server (#198) * f4ee2c2 Bump github.com/onsi/ginkgo/v2 from 2.11.0 to 2.12.0 in /tests (#468) * c817dd2 support datastore password secret created by external resources (#464) * 71ac5af Split steps in check-versions wf for easier debugging (#467) * d91403a Scan for updates to new images (#466) * 7a5456e Bump helm.sh/helm/v3 from 3.11.3 to 3.12.3 in /tests (#462) * cbe0001 Federation test (#423) Signed-off-by: Marco Franssen <[email protected]>
marcofranssen
added a commit
that referenced
this pull request
Sep 15, 2023
* 38f0af4 Add support for Vault UpstreamAuthority plugin - K8s Auth (#415) * 1aac2d4 Bump docker/login-action from 2 to 3 * 1f90867 Allow configuration of priorityClassName on spire-server statefulset (#480) * 9ad2ed5 option to configure agent sds (#479) * 693ce08 Remove ## values section from chart readms * 65d5695 Migrate to readme-generator for helm maintained by bitnami (#431) * dcc60a2 fix(charts/spire/spire-agent): podmonitor templating (#478) * 48adb88 Bump actions/checkout from 3.6.0 to 4.0.0 * d1f52d6 Bump sigstore/cosign-installer from 3.1.1 to 3.1.2 (#473) * 5273f4e Switch mysql and postgresql tests to HA Production configs (#471) * e81a59a ingress-nginx production tests and spiffe-oidc-discovery-provider example (#136) * b05175e Bump actions/checkout from 3.5.3 to 3.6.0 * 51cba5b Add customPlugins and unsupportedBuiltInPlugins sections to spire-server (#198) * f4ee2c2 Bump github.com/onsi/ginkgo/v2 from 2.11.0 to 2.12.0 in /tests (#468) * c817dd2 support datastore password secret created by external resources (#464) * 71ac5af Split steps in check-versions wf for easier debugging (#467) * d91403a Scan for updates to new images (#466) * 7a5456e Bump helm.sh/helm/v3 from 3.11.3 to 3.12.3 in /tests (#462) * cbe0001 Federation test (#423) Signed-off-by: Marco Franssen <[email protected]>
marcofranssen
added a commit
that referenced
this pull request
Sep 15, 2023
* 38f0af4 Add support for Vault UpstreamAuthority plugin - K8s Auth (#415) * 1aac2d4 Bump docker/login-action from 2 to 3 * 1f90867 Allow configuration of priorityClassName on spire-server statefulset (#480) * 9ad2ed5 option to configure agent sds (#479) * 693ce08 Remove ## values section from chart readms * 65d5695 Migrate to readme-generator for helm maintained by bitnami (#431) * dcc60a2 fix(charts/spire/spire-agent): podmonitor templating (#478) * 48adb88 Bump actions/checkout from 3.6.0 to 4.0.0 * d1f52d6 Bump sigstore/cosign-installer from 3.1.1 to 3.1.2 (#473) * 5273f4e Switch mysql and postgresql tests to HA Production configs (#471) * e81a59a ingress-nginx production tests and spiffe-oidc-discovery-provider example (#136) * b05175e Bump actions/checkout from 3.5.3 to 3.6.0 * 51cba5b Add customPlugins and unsupportedBuiltInPlugins sections to spire-server (#198) * f4ee2c2 Bump github.com/onsi/ginkgo/v2 from 2.11.0 to 2.12.0 in /tests (#468) * c817dd2 support datastore password secret created by external resources (#464) * 71ac5af Split steps in check-versions wf for easier debugging (#467) * d91403a Scan for updates to new images (#466) * 7a5456e Bump helm.sh/helm/v3 from 3.11.3 to 3.12.3 in /tests (#462) * cbe0001 Federation test (#423) Signed-off-by: Marco Franssen <[email protected]>
marcofranssen
added a commit
that referenced
this pull request
Sep 15, 2023
* 38f0af4 Add support for Vault UpstreamAuthority plugin - K8s Auth (#415) * 1aac2d4 Bump docker/login-action from 2 to 3 * 1f90867 Allow configuration of priorityClassName on spire-server statefulset (#480) * 9ad2ed5 option to configure agent sds (#479) * 693ce08 Remove ## values section from chart readms * 65d5695 Migrate to readme-generator for helm maintained by bitnami (#431) * dcc60a2 fix(charts/spire/spire-agent): podmonitor templating (#478) * 48adb88 Bump actions/checkout from 3.6.0 to 4.0.0 * d1f52d6 Bump sigstore/cosign-installer from 3.1.1 to 3.1.2 (#473) * 5273f4e Switch mysql and postgresql tests to HA Production configs (#471) * e81a59a ingress-nginx production tests and spiffe-oidc-discovery-provider example (#136) * b05175e Bump actions/checkout from 3.5.3 to 3.6.0 * 51cba5b Add customPlugins and unsupportedBuiltInPlugins sections to spire-server (#198) * f4ee2c2 Bump github.com/onsi/ginkgo/v2 from 2.11.0 to 2.12.0 in /tests (#468) * c817dd2 support datastore password secret created by external resources (#464) * 71ac5af Split steps in check-versions wf for easier debugging (#467) * d91403a Scan for updates to new images (#466) * 7a5456e Bump helm.sh/helm/v3 from 3.11.3 to 3.12.3 in /tests (#462) * cbe0001 Federation test (#423) Signed-off-by: Marco Franssen <[email protected]>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pr adds a production addon values file with best practices for using ingress-nginx with spire-oidc-discovery-provider and tests all existing ingresses to ensure they work properly.