-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issue #56: Adds vault-ui ingress #65
Issue #56: Adds vault-ui ingress #65
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nice diagram!
Some of the filenames have inconsistent cases when we expect lowercase everywhere. Maybe an additional check to add to repo standards?
Updated file name and created reference issue ai-cfia/github-workflows#105 |
…ause it currently doesnt have enough credentials to access vault
…-access-the-vault-ui-and-configure-secrets
I still see an uppercase PNG extension |
done |
…-access-the-vault-ui-and-configure-secrets
remaining task should provide us the ability to operate vault through kubernetes manifest. Problem is I am having problems giving proper authentication to the operator to manage vault. Since this is not a priority, it will be done in another issue. I also added the whitelisting source to allow access to vault only from vpn and internal. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
@rngadam We are having problems with our vault ui access since this pull request isn't merged. We have done fixing changes that would allow to fix these problems. The vite mgiration for nachet introduces updates to secrets. Since we arent able to access vault currently, we wont be able to deploy the new version of nachet. |
@@ -0,0 +1,101 @@ | |||
# Secret management |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Create follow issue to turn this into an ADR to review by team and security.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Opened ai-cfia/dev-rel-docs#117
capabilities = [ "create", "update", "delete" ] | ||
} | ||
--- | ||
apiVersion: redhatcop.redhat.io/v1alpha1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
future issue: document and explain reliance on redhat.io
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
referenced in #99
We want to enable access to the vault-ui to enable the team to create secrets.
TODO before ready for merge:
- [ ] Find fix to enable vault config operator to have enough permissions to access and configure vault.Preceding task will be done in another issue since its to provide automation of vault configuration but we have problems enabling the operator to have proper permissions on the cluster to interact with vault. Since this is not a priority we will open an issue.