-
Notifications
You must be signed in to change notification settings - Fork 507
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Initial addition of terrascan helm chart #688
Conversation
In some cases, user may want to have db storage on persistent volume. Also moved container image to parameter
Codecov Report
@@ Coverage Diff @@
## master #688 +/- ##
==========================================
- Coverage 73.86% 73.78% -0.08%
==========================================
Files 110 110
Lines 3176 3285 +109
==========================================
+ Hits 2346 2424 +78
- Misses 652 677 +25
- Partials 178 184 +6
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
nit: let's remove NOTES.txt
, and README.md
if needed
Two important points:
Incase the pod the dies down, the webhook will not allow even the new terrascan pod itself to be created. Thus, creating a deadlock. |
FYI please don't merge yet - doing a little more work on this, will merge in by COB today. |
(sidetracked on the homebrew stuff...still chewing on this) |
Working on some helm variable names for clarity, Added admission webook template
Trying to remove myself as a blocker on this. Just pushed some more changes. @dev-gaur - maybe during your day you can test this out and help with the docs? I haven't made any changes yet around the issue of what happens when the admission controller restarts - probably worth testing by killing the pod and seeing what happens. |
Co-authored-by: Devang Gaur <devang.gaur@accurics.com>
If the admission controller webhook is deployed at same time as terrascan service, there's sometimes a race condition where the webhook starts before terrascan, and then blocks terrascan from starting. So users can read about admission controller in the docs, and deploy that yaml manually.
…to controller-helm
Kudos, SonarCloud Quality Gate passed! 0 Bugs No Coverage information |
Fixes #685