Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix generate tls cert insecure algorithm SHA1-RSA #2

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

fix generate tls cert insecure algorithm SHA1-RSA #2

wants to merge 4 commits into from

Conversation

redwarn
Copy link

@redwarn redwarn commented Sep 6, 2022

What this PR does / why we need it:
fix generate tls cert script add -sha256 support
fix would violate PodSecurity "restricted:latest": unrestricted capabilities, add securityContext

Which issue(s) this PR fixes (optional, using fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when the PR gets merged):
Fixes #

Special notes for your reviewer:

@sozercan sozercan self-requested a review September 19, 2022 18:21
sozercan
sozercan reviewed Sep 20, 2022
View reviewed changes
charts/external-data-provider/templates/external-data-provider-deployment.yaml Outdated
@@ -34,6 +34,9 @@ spec:
mountPath: /tmp/gatekeeper
readOnly: true
{{- end }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: remove new line

sozercan
sozercan reviewed Sep 20, 2022
View reviewed changes
charts/external-data-provider/values.yaml Outdated
- ALL
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: add newline

sozercan
sozercan reviewed Sep 20, 2022
View reviewed changes
charts/external-data-provider/values.yaml Outdated
@@ -7,3 +7,12 @@ provider:
enabled: true
caBundle: ""
skipVerify: false

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: remove new line

sozercan
sozercan requested changes Sep 20, 2022
View reviewed changes
Copy link
Member

@sozercan sozercan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@redwarn thanks for the PR! couple nits in the comments

@yanhu-cheng-20230331
fix yaml format
ffed5cb 
Signed-off-by: yanhu.cheng <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sozercan sozercan sozercan requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@redwarn @sozercan @yanhu-cheng-20230331