feat: Venafi Enhanced Issuer config + chart docs update #430
Conversation
Signed-off-by: Peter Fiddes <[email protected]>
jetstack-bot
added
the
size/M
Signed-off-by: Peter Fiddes <[email protected]>
Signed-off-by: Peter Fiddes <[email protected]>
jetstack-bot
added
size/L
| @@ -2,136 +2,151 @@ | |||
|
|
|||
| Jetstack Secure Agent | |||
There was a problem hiding this comment.
Can you update this to read TLS Protect for Kubernetes Agent
There was a problem hiding this comment.
I agree this should be done, but I think that change will be much larger than just the title. To the extent of this repository being renamed or even moved to be under Venafi Organisation.
I will follow up with product to see where this is on their roadmap.
| The helm chart is an OCI chart artifact hosted on both EU and US registries: | ||
|
|
||
| - `oci://eu.gcr.io/jetstack-secure-enterprise/charts/jetstack-agent` | ||
| - `oci://us.gcr.io/jetstack-secure-enterprise/charts/jetstack-agent` |
There was a problem hiding this comment.
Outside of this doc update, can we confirm that we have a proper process in place to make sure both eu.gcr.io and us.gcr.io are in sync. Last I checked there were some images that were only on eu.gcr.io
There was a problem hiding this comment.
we do have a process built in enterprise builds just pending a final review and merge here https://github.com/jetstack/enterprise-builds/pull/104
There was a problem hiding this comment.
Thanks @SpectralHiss - yes @sitaramkm please see that thread regarding this issue. The current 0.1.0 version of the chart is there because Houssem was proving out his work on publishing the chart, which may have only went to the eu registry. Hopefully once that PR is merged, all future versions will go to both registries.
| @@ -5,54 +5,122 @@ | |||
|
|
|||
| ## Additional Information | |||
|
|
|||
| The Jetstack secure agent helm chart installs the Kubernetes agent that connects to The TLS Protect For Kubernetes platform. | |||
| The Jetstack Secure agent helm chart installs the Kubernetes agent that connects to the TLS Protect For Kubernetes (TLSPK) platform. | |||
There was a problem hiding this comment.
The TLS Protect for Kubernetes agent Helm chart
There was a problem hiding this comment.
I think I caught this with my latest commit
Signed-off-by: Peter Fiddes <[email protected]>
|
@sitaramkm - I made a couple tweaks to use I very nearly just linked to the website but thought it was nice to have a copy with the chart so it was a complete package. Regarding naming, lets keep that for a separate thread because the scope of that could be huge. I've added #431 to be a catch all for renaming / branding discussions. |
VenafiIssuerandVenafiClusterIssuerresources to RBACVenafiIssuerandVenafiClusterIssuerto configConfigMap&SecretVolumes required.v0.1.39after updates from trivy scan vulnerability results #307helm-docsused to match latest availableCloses #422
Pic showing that using this version of the chart I do indeed have a
VenafiIssuerin TLSPK, a.k.a JSS:I've tested my install but would appreciate someone else giving it a run over as well.