Skip to content

chore(policies): add policy providers configurable in chart #1224

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
migmartri merged 2 commits into from
Aug 14, 2024
Merged

chore(policies): add policy providers configurable in chart #1224

migmartri merged 2 commits into from
Aug 14, 2024

Conversation

@jiparis
Copy link
Member

@jiparis jiparis commented Aug 14, 2024
edited
Loading

This PR adds the policy_providers configuration in chainloop chart. This diff shows the changes after enabling the section in values.yaml:

--- before.yaml	2024-08-14 12:34:20
+++ after.yaml	2024-08-14 12:34:42
@@ -442,7 +442,7 @@
 type: Opaque
 data:
   # We store it also as a different key so it can be reused during upgrades by the common.secrets.passwords.manage helper
-  generated_jws_hmac_secret: "QWdiN0lkczJEZw=="
+  generated_jws_hmac_secret: "c2NzbHRBYTE4Nw=="
   db_migrate_source: "cG9zdGdyZXM6Ly9jaGFpbmxvb3A6Y2hhaW5sb29wcHdkQHRlc3QtcG9zdGdyZXNxbDo1NDMyL2NoYWlubG9vcC1jcD9zc2xtb2RlPWRpc2FibGU="
 stringData:  
   config.secret.yaml: |
@@ -466,7 +466,7 @@
       # HMAC key used to sign the JWTs generated by the controlplane
       # The helper returns the base64 quoted value of the secret
       # We need to remove the quotes and then decoding it so it's compatible with the stringData stanza
-      generated_jws_hmac_secret: "Agb7Ids2Dg"
+      generated_jws_hmac_secret: "scsltAa187"
 
       # Private key used to sign the JWTs meant to be consumed by the CAS
       cas_robot_account_private_key_path: "/secrets/cas.private.key"
@@ -570,6 +570,13 @@
     referrer_shared_index:
       allowedOrgs: []
       enabled: false
+    
+    
+    
+    policy_providers:
+      - default: true
+        host: http://my_host:8002/v1/policies
+        name: my_provider
 ---
 # Source: chainloop/charts/vault/templates/injector/clusterroles.yaml
 kind: ClusterRole
@@ -1582,8 +1589,8 @@
   template:
     metadata:
       annotations:
-        checksum/config: 58244a720a5581faf990af35af35337df77c52fe4257b8e1bffaf5a2dcfaf59d
-        checksum/secret-config: 54b14d8bfbe71d4551be75f58c0e869f559aa4f054d02a7120916510976539d4
+        checksum/config: 41a56926fcf6dce00378cd71c8b56b83473d1d1468bd505a57f6cfec5e944722
+        checksum/secret-config: a4a690339eecead967a4541fc076deb1370f38f54d26ecb7f4b8a1f6c92252cc
         checksum/cas-private-key: ec2222f955d51361a9509047242bc4739a251ae4b28208e7feed4786bf470cdf
         kubectl.kubernetes.io/default-container: controlplane
       labels:

Refs #1180

@jiparis
add policy providers to chart
404615e 
Signed-off-by: Jose I. Paris <jiparis@chainloop.dev>
@jiparis jiparis requested review from javirln and migmartri August 14, 2024 10:36
migmartri
migmartri approved these changes Aug 14, 2024
View reviewed changes
Copy link
Member

@migmartri migmartri left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please bump the chart version, thanks

@migmartri
Copy link
Member

migmartri commented Aug 14, 2024

and take a note to upstream this feature to the bitnami chart too cc/ @javirln

@jiparis jiparis mentioned this pull request Aug 14, 2024
Closed
@jiparis
bump chart version
2fb017b 
Signed-off-by: Jose I. Paris <jiparis@chainloop.dev>
@migmartri migmartri merged commit aa0da45 into chainloop-dev:main Aug 14, 2024
@BrewTestBot BrewTestBot mentioned this pull request Aug 20, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@migmartri migmartri migmartri approved these changes

@javirln javirln Awaiting requested review from javirln

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jiparis @migmartri