-
Notifications
You must be signed in to change notification settings - Fork 41
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added new Network Policy to access Mariadb from DSPO #638
Conversation
A new image has been built to help with testing out this PR: To use this image run the following: cd $(mktemp -d)
git clone git@github.com:opendatahub-io/data-science-pipelines-operator.git
cd data-science-pipelines-operator/
git fetch origin pull/638/head
git checkout -b pullrequest 9d15247a6f31f56ac2984cee53255dbafc839b68
oc new-project opendatahub
make deploy IMG="quay.io/opendatahub/data-science-pipelines-operator:pr-638" More instructions here on how to deploy and test a Data Science Pipelines Application. |
5992c60
to
23ba536
Compare
Change to PR detected. A new PR build was completed. |
2 similar comments
Change to PR detected. A new PR build was completed. |
Change to PR detected. A new PR build was completed. |
Change to PR detected. A new PR build was completed. |
update namespace Added DSPO_NAMESPACE env var Added DSPONamespace param Update Network policy template
8dd7c03
to
9a8f5c2
Compare
Change to PR detected. A new PR build was completed. |
/lgtm One thing I want to note is when there's no DSPO_NAMESPACE provided, the namespace field is blank, so the NWP auto rejects any connection to mariadb outside the DSPA namespace. This would only occur if:
for (2) we can't really connect locally to mariadb anyways since it's a svc endpoint so I don't see that as a blocker for this issue, but it's worth noting here. |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: HumairAK The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
The issue resolved by this Pull Request:
Resolves RHOAIENG-5314
Description of your changes:
Added new Network policy which allows DSPO to resolve connections to mariadb deployed in the user namespace.
Testing instructions
The error has been reproduced by applying the below NWP in DSPA namespace, the pipeline server failed to come up due to lack of access to mariadb.
Checklist