-
Notifications
You must be signed in to change notification settings - Fork 22
Conversation
f1f0fe2
to
5897b52
Compare
@marcofranssen I don't think we have any reference to |
I think I saw it somewhere in the labels or something. Will double check. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Found a couple small indentation issues which where resolved recently in other assets as well. See the suggestions. From the files tab you can bundle those in a single commit.
charts/spire/charts/spire-server/templates/tests/test-tornjak-connection.yaml
Outdated
Show resolved
Hide resolved
Made a fix for previous comment here #276 Open issues:
|
Is it possible to deploy tornjak as a separate statefulset? If so, this would be a good one to break out into a subchart. |
Tornjak requires just like the controller manager access to the spire-server socket and can therefore not run in another pod. |
This reverts commit 3210dfe. Signed-off-by: Marco Franssen <marco.franssen@gmail.com>
Signed-off-by: Mariusz Sabath <mrsabath@gmail.com> Signed-off-by: Marco Franssen <marco.franssen@gmail.com> Co-authored-by: Marco Franssen <marco.franssen@gmail.com>
Resolves issue #223 Signed-off-by: Mariusz Sabath <mrsabath@gmail.com>
Signed-off-by: Mariusz Sabath <mrsabath@gmail.com> Signed-off-by: Marco Franssen <marco.franssen@gmail.com> Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> Co-authored-by: Marco Franssen <marco.franssen@gmail.com> Co-authored-by: kfox1111 <Kevin.Fox@pnnl.gov>
This pr updates the Tornjak branch to work with the merged global registry configuration support. Signed-off-by: Mariusz Sabath <mrsabath@gmail.com> Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov>
…ce exhaustion Signed-off-by: Mariusz Sabath <mrsabath@gmail.com>
Signed-off-by: Mariusz Sabath <mrsabath@gmail.com>
Signed-off-by: Mariusz Sabath <mrsabath@gmail.com>
Signed-off-by: Mariusz Sabath <mrsabath@gmail.com>
- Align tornjak backend naming with same convention as frontend - Align Tornjak backend and frontend notes style - Add disclaimer for Tornjak usage to example --------- Signed-off-by: Marco Franssen <marco.franssen@gmail.com>
…connection.yaml Co-authored-by: Marco Franssen <marco.franssen@gmail.com> Signed-off-by: Mariusz Sabath <mrsabath@gmail.com>
Co-authored-by: Marco Franssen <marco.franssen@gmail.com> Signed-off-by: Mariusz Sabath <mrsabath@gmail.com>
Co-authored-by: Marco Franssen <marco.franssen@gmail.com> Signed-off-by: Mariusz Sabath <mrsabath@gmail.com>
Signed-off-by: Mariusz Sabath <mrsabath@gmail.com> Co-authored-by: Marco Franssen <marco.franssen@gmail.com>
Signed-off-by: Marco Franssen <marco.franssen@gmail.com>
Signed-off-by: Mariusz Sabath <mrsabath@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Retested and now the agents are visible in my cluster.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some issues still to resolve.
data: | ||
server.conf: | | ||
server { | ||
metadata = "insert metadata" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this something that should be configurable? Not sure what it is.
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} | ||
{{- end }} | ||
|
||
{{- define "tornjak-frontend.cluster-domain" -}} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is now a spire-lib macro. It can be removed here and used directly in the rest of the template
- name: curl-tornjak-frontend | ||
image: cgr.dev/chainguard/bash:latest | ||
command: ['curl'] | ||
args: ['-k', '-s', '-f', 'http://{{ include "tornjak-frontend.fullname" . }}.{{ include "tornjak-frontend.namespace" . }}.svc.{{ include "tornjak-frontend.cluster-domain" . }}:{{ .Values.service.port }}'] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should use spire-lib.cluster-domain here.
* c1c5b11 Merge pull request #306 from spiffe/remove-1.21 * 0df45e3 Fix up docs * ed038fe Upgrade to spire 1.6.4 (#308) * dc5d9cf Fix root README.md * e4447fd Upgrade Tornjak to new image v1.2.1 (#299) * 69f402e Update docs * 38d51d5 Apply suggestions from code review * a1ba235 Update docs * 1922085 Fix hooks for K3s (#305) * 4fb549e Remove 1.21.x testing * 88efc77 Allow to use spire-server as an upstream authority (#304) * 0ba0388 Add support for spire-server ingress (#68) * 4777a30 Bump test chart dependencies (#301) * 00c2c1a Fix the generated pr so that it runs jobs too (#303) * dd1ad49 Update images for cve's found by the cronjob (#290) * 1c69470 Updated Tornjak documenation with Not-for-production labels (#297) * 7809637 Merge pull request #296 from spiffe/dependabot/github_actions/helm/kind-action-1.7.0 * e61ed17 Merge pull request #295 from spiffe/dependabot/github_actions/sigstore/cosign-installer-3.0.5 * 9975e58 Merge pull request #245 from spiffe/tags * 7bb7ece Bump helm/kind-action from 1.6.0 to 1.7.0 * f1623a5 Bump sigstore/cosign-installer from 3.0.4 to 3.0.5 * f8db5a3 Fix Tornjak persistence issue (#294) * b30b412 Tornjak reuse spire-lib.cluster-domain macro (#292) * 90c9eb5 Fix kubectl-image macro to handle version deprecation * 300d1cc Apply deprecation of image.version to Tornjak * d850486 Instead of removing version, first deprecate version * 59e422b Add documentation for all image.tag values * d1f3cdb Switch image.version to image.tag * 31ce704 Cleanup maintainer handbook (#287) * a2da943 Remove manual dispatch from dummy workflow (#288) * 807558b Bump helm/kind-action from 1.5.0 to 1.6.0 (#285) * 3df67db Bump sigstore/cosign-installer from 3.0.3 to 3.0.4 (#286) * 5505d41 Merge pull request #283 from spiffe/additional-k8s-native-feature-tornjak-frontend * 391f093 Allow to configure topologySpreadConstraints for tornjak-frontend * 5cc26d3 Allow to configure tolerations for tornjak-frontend * 3537161 Allow to configure affinity for tornjak-frontend * aed6fdf Use the correct kubectl for the cluster (#248) * ee43c5e Add nodeSelector for tornjak * fc13cbd Merge pull request #234 from spiffe/tornjak * ed472aa Update documentation * a11cfc9 Allow to define the resources for tornjak backend * 382e0d4 Upgrade Tornjak image to version v1.2.0 (#259) * 657c460 Update charts/spire/charts/tornjak-frontend/templates/service.yaml * 7521caf Update charts/spire/charts/spire-server/templates/tornjak-config.yaml * b64c352 Update charts/spire/charts/spire-server/templates/tests/test-tornjak-connection.yaml * 6ddf6ab Improve tornjak docs (#276) * 80d34f0 Use common post-install scripts for testing * f5efa0c Remove dead macros * bd86518 Fixing shellcheck * 91bdea2 Provide minimal resources to prevent accidental crashes due to resource exhaustion * 1675997 Tornjak global image fix (#228) * 5e827ee Add Tornjak Tests (#220) * bdba97b Add empty directory to Tornjak to support npm cache (#224) * da186c5 Split Tornjak Frontend into separate subchart (#179) * 6d22126 Add Tornjak * 2669d8b Add maintainer's handbook. (#265) * 72596ae Skip tests for docs folders (#281) * 7c71738 Bump test chart dependencies (#279) * 05addae Add json to test path (#280) * 8d9b734 Switch the spire tests to always run (#250) Signed-off-by: Marco Franssen <marco.franssen@gmail.com>
* c1c5b11 Merge pull request #306 from spiffe/remove-1.21 * 0df45e3 Fix up docs * ed038fe Upgrade to spire 1.6.4 (#308) * dc5d9cf Fix root README.md * e4447fd Upgrade Tornjak to new image v1.2.1 (#299) * 69f402e Update docs * 38d51d5 Apply suggestions from code review * a1ba235 Update docs * 1922085 Fix hooks for K3s (#305) * 4fb549e Remove 1.21.x testing * 88efc77 Allow to use spire-server as an upstream authority (#304) * 0ba0388 Add support for spire-server ingress (#68) * 4777a30 Bump test chart dependencies (#301) * 00c2c1a Fix the generated pr so that it runs jobs too (#303) * dd1ad49 Update images for cve's found by the cronjob (#290) * 1c69470 Updated Tornjak documenation with Not-for-production labels (#297) * 7809637 Merge pull request #296 from spiffe/dependabot/github_actions/helm/kind-action-1.7.0 * e61ed17 Merge pull request #295 from spiffe/dependabot/github_actions/sigstore/cosign-installer-3.0.5 * 9975e58 Merge pull request #245 from spiffe/tags * 7bb7ece Bump helm/kind-action from 1.6.0 to 1.7.0 * f1623a5 Bump sigstore/cosign-installer from 3.0.4 to 3.0.5 * f8db5a3 Fix Tornjak persistence issue (#294) * b30b412 Tornjak reuse spire-lib.cluster-domain macro (#292) * 90c9eb5 Fix kubectl-image macro to handle version deprecation * 300d1cc Apply deprecation of image.version to Tornjak * d850486 Instead of removing version, first deprecate version * 59e422b Add documentation for all image.tag values * d1f3cdb Switch image.version to image.tag * 31ce704 Cleanup maintainer handbook (#287) * a2da943 Remove manual dispatch from dummy workflow (#288) * 807558b Bump helm/kind-action from 1.5.0 to 1.6.0 (#285) * 3df67db Bump sigstore/cosign-installer from 3.0.3 to 3.0.4 (#286) * 5505d41 Merge pull request #283 from spiffe/additional-k8s-native-feature-tornjak-frontend * 391f093 Allow to configure topologySpreadConstraints for tornjak-frontend * 5cc26d3 Allow to configure tolerations for tornjak-frontend * 3537161 Allow to configure affinity for tornjak-frontend * aed6fdf Use the correct kubectl for the cluster (#248) * ee43c5e Add nodeSelector for tornjak * fc13cbd Merge pull request #234 from spiffe/tornjak * ed472aa Update documentation * a11cfc9 Allow to define the resources for tornjak backend * 382e0d4 Upgrade Tornjak image to version v1.2.0 (#259) * 657c460 Update charts/spire/charts/tornjak-frontend/templates/service.yaml * 7521caf Update charts/spire/charts/spire-server/templates/tornjak-config.yaml * b64c352 Update charts/spire/charts/spire-server/templates/tests/test-tornjak-connection.yaml * 6ddf6ab Improve tornjak docs (#276) * 80d34f0 Use common post-install scripts for testing * f5efa0c Remove dead macros * bd86518 Fixing shellcheck * 91bdea2 Provide minimal resources to prevent accidental crashes due to resource exhaustion * 1675997 Tornjak global image fix (#228) * 5e827ee Add Tornjak Tests (#220) * bdba97b Add empty directory to Tornjak to support npm cache (#224) * da186c5 Split Tornjak Frontend into separate subchart (#179) * 6d22126 Add Tornjak * 2669d8b Add maintainer's handbook. (#265) * 72596ae Skip tests for docs folders (#281) * 7c71738 Bump test chart dependencies (#279) * 05addae Add json to test path (#280) * 8d9b734 Switch the spire tests to always run (#250) Signed-off-by: Marco Franssen <marco.franssen@gmail.com>
This PR integrates support for Tornjak components: API (backend) and UI (frontend).
Tornjak provides an easy and intuitive graphical user interface and control plane for SPIRE.