Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feature: Install rekor when using ckcp #152

Closed
wants to merge 1 commit into from
Closed

feature: Install rekor when using ckcp #152

wants to merge 1 commit into from

Conversation

Roming22
Copy link
Contributor

Rekor is required to store the data for tekton-chains.

Signed-off-by: Romain Arnaud rarnaud@redhat.com

The content of this PR will be required when we'll want to deploy tekton-chains.

xinredhat
xinredhat reviewed Jul 14, 2022
View reviewed changes
ckcp/openshift_dev_setup.sh Outdated Show resolved Hide resolved
ckcp/openshift_dev_setup.sh Outdated Show resolved Hide resolved
@bnallapeta
Copy link
Contributor

@Roming22 Does #126 needs to be merged before this? If so, please take a look at that one as it it currently marked as Draft.

@Roming22
Copy link
Contributor Author

Roming22 commented Jul 18, 2022
edited
Loading

@bnallapeta This PR can be merged independently from #126.

@bnallapeta
Copy link
Contributor

bnallapeta commented Jul 18, 2022
edited
Loading

@Roming22

  1. If Rekor is going to form a part of our staging cluster and thus part of our code base for staging clusters, I think it should go under gitops/argocd and not under ckcp. Let me know what you think.
  2. Please rename 'application.yaml' to 'rekor.yaml'.
  3. Looks like this path is incorrect.
  4. I see you are using helm chart of Rekor to install it. I explored other ways to install from their documentation. Although, I am not certain of which is the best way to install out of the options available to us, I am a little skeptical about using helm. This brings in a whole new tool with its own way of customizations. See the deployment.yaml for instance. All the values are substituted from values.yaml.

@Roming22
Copy link
Contributor Author

@bnallapeta

  1. We're not sure which rekor instance is going to be used for staging/prod in the long term. Right now they are using a public rekor instance, hence why we only need it in ckcp at the moment.
  2. Done.
  3. I'm not sure I understand which path you're pointing me at. Can you please either specify the file/line or open a comment?
  4. I've lifted the install straight from the hack scripts in infra-deployments. I had a look at the rekor operator, but the git repo clearly state that it's not ready to be used.

@bnallapeta
Copy link
Contributor

@Roming22
In general, I am not confident on what is the correct installation method or the usability thereafter. But if we want to stay in line with the way HACBS is doing it, I guess that should be good.
(ignore my comment on the path. Looks right)

@fgiloux Please provide any thoughts (merge the PR if all is well :p).

@Roming22
feature: Install rekor when using ckcp
57d9d94 
Rekor is required to store the data for tekton-chains.

Signed-off-by: Romain Arnaud <rarnaud@redhat.com>
@Roming22
Copy link
Contributor Author

After discussion, there is no need to deploy rekor on the cluster. For testing, a public rekor instance is good enough.

@Roming22 Roming22 closed this Jul 26, 2022
Roming22 pushed a commit that referenced this pull request Dec 19, 2022
@Michkov
Merge pull request #152 from joejstuart/ssl-mac
5d97821 
dynamic support for openssl.cnf location
@Roming22 Roming22 deleted the rekor branch February 3, 2023 19:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@xinredhat xinredhat xinredhat left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Roming22 @bnallapeta @xinredhat