New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Secure metrics endpoint with oauth-proxy #76
Secure metrics endpoint with oauth-proxy #76
Conversation
/hold |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we have an open BZ or issue to link this to?
/test e2e-operator |
82127e2
to
796e3c7
Compare
formatting nits otherwise lgtm |
Will there be a CLO pr to go along with this to populate this ENV var and would it be useful to have a default value here in the case where it is omitted? |
Would it make sense to add CI tests here as well? |
/test e2e-aws |
a363882
to
4b8653b
Compare
/test e2e-aws |
4b8653b
to
f5ab6c1
Compare
@josefkarasek please update the commit message to be something like:
|
5bbf134
to
91faca9
Compare
Prometheus server can't access ES metrics, because ES uses certs signed by a self-signed CA, which isn't recognized. Instead a proxy is used, which presents certs signed by a CA which can be accessed through serving-certs-ca-bundle
91faca9
to
7dab408
Compare
/test e2e-operator |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: josefkarasek, lukas-vlcek The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/hold cancel |
/hold |
/hold |
@josefkarasek you will need to address @ewolinetz changes in follow pr |
Prometheus server can't access ES metrics, because ES uses certs
signed by a self-signed CA, which isn't recognized.
Instead a proxy is used, which presents certs signed by a CA
which can be accessed through serving-certs-ca-bundle