fix: include cel flags on audit deployment #3414
Conversation
Signed-off-by: Noah Reisch <noahreisch4@gmail.com>
nreisch
force-pushed
the
nreisch/fixAuditChart
branch
from
0ef3012 to
3f69298
Compare
| @@ -184,6 +184,8 @@ spec: | |||
| - HELMSUBST_DEPLOYMENT_AUDIT_LOGFILE | |||
| - --disable-cert-rotation={{ or .Values.audit.disableCertRotation .Values.externalCertInjection.enabled }} | |||
| - --external-data-provider-response-cache-ttl={{ .Values.externaldataProviderResponseCacheTTL }} | |||
| - --experimental-enable-k8s-native-validation={{ .Values.enableK8sNativeValidation }} | |||
| - --vap-enforcement={{ .Values.vapEnforcement }} | |||
There was a problem hiding this comment.
@ritazh will the change contemplated by
open-policy-agent/frameworks#427
affect this flag?
I don't think it will b/c we are assuming undefined on the template will default to the behavior provided by the flag?
There was a problem hiding this comment.
Right. undefined on the template will default to this flag. scopedEnforcementAction at the constraint level can however omit the constraint from audit is a new experience that may be surprising to users.
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #3414 +/- ##
==========================================
- Coverage 54.49% 46.78% -7.72%
==========================================
Files 134 218 +84
Lines 12329 14784 +2455
==========================================
+ Hits 6719 6916 +197
- Misses 5116 7067 +1951
- Partials 494 801 +307
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
What this PR does / why we need it:
Noticed when testing the oss chart with Helm, the cel enablement flags were not available on Audit
Which issue(s) this PR fixes (optional, using
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when the PR gets merged):Fixes #
Special notes for your reviewer: