Add Kubernetes RBAC and PodSecurityPolicy #946
Conversation
|
Docker image for this PR was built and is available on Docker Hub. You can pull it locally via the CLI: docker pull tomkerkhove/promitor-agent-scraper-ci:pr946-linuxWant to verify the new version? Run it locally: docker run -d -p 8999:80 --name promitor-agent-scraper-pr946-linux \
--env PROMITOR_AUTH_APPID='<azure-ad-app-id>' \
--env-file C:/Promitor/az-mon-auth.creds \
--volume C:/Promitor/metrics-declaration.yaml:/config/metrics-declaration.yaml \
--volume C:/Promitor/runtime-config.yaml:/config/runtime.yaml \
tomkerkhove/promitor-agent-scraper-ci:pr946-linuxYou can find a CI version of our Helm chart on hub.helm.sh |
There was a problem hiding this comment.
LGTM, just added a few comments.
Can you list the new properties in our chart docs as well please?
https://github.com/tomkerkhove/promitor/blob/master/charts/promitor-agent-scraper/README.md
|
Docker image for this PR was built and is available on Docker Hub. You can pull it locally via the CLI: docker pull tomkerkhove/promitor-agent-scraper-ci:pr946-linuxWant to verify the new version? Run it locally: docker run -d -p 8999:80 --name promitor-agent-scraper-pr946-linux \
--env PROMITOR_AUTH_APPID='<azure-ad-app-id>' \
--env-file C:/Promitor/az-mon-auth.creds \
--volume C:/Promitor/metrics-declaration.yaml:/config/metrics-declaration.yaml \
--volume C:/Promitor/runtime-config.yaml:/config/runtime.yaml \
tomkerkhove/promitor-agent-scraper-ci:pr946-linuxYou can find a CI version of our Helm chart on hub.helm.sh |
charts/promitor-agent-scraper/templates/clusterrolebinding.yaml
Outdated
Show resolved
Hide resolved
charts/promitor-agent-scraper/templates/clusterrolebinding.yaml
Outdated
Show resolved
Hide resolved
|
Docker image for this PR was built and is available on Docker Hub. You can pull it locally via the CLI: docker pull tomkerkhove/promitor-agent-scraper-ci:pr946-linuxWant to verify the new version? Run it locally: docker run -d -p 8999:80 --name promitor-agent-scraper-pr946-linux \
--env PROMITOR_AUTH_APPID='<azure-ad-app-id>' \
--env-file C:/Promitor/az-mon-auth.creds \
--volume C:/Promitor/metrics-declaration.yaml:/config/metrics-declaration.yaml \
--volume C:/Promitor/runtime-config.yaml:/config/runtime.yaml \
tomkerkhove/promitor-agent-scraper-ci:pr946-linuxYou can find a CI version of our Helm chart on hub.helm.sh |
|
Ready to merge once the CI is fixed! |
|
Docker image for this PR was built and is available on Docker Hub. You can pull it locally via the CLI: docker pull tomkerkhove/promitor-agent-scraper-ci:pr946-linuxWant to verify the new version? Run it locally: docker run -d -p 8999:80 --name promitor-agent-scraper-pr946-linux \
--env PROMITOR_AUTH_APPID='<azure-ad-app-id>' \
--env-file C:/Promitor/az-mon-auth.creds \
--volume C:/Promitor/metrics-declaration.yaml:/config/metrics-declaration.yaml \
--volume C:/Promitor/runtime-config.yaml:/config/runtime.yaml \
tomkerkhove/promitor-agent-scraper-ci:pr946-linuxYou can find a CI version of our Helm chart on hub.helm.sh |
|
It should have been a simple thing to implement. I could have been a little tired while working on this.. anyway, I adjusted the logic, would you be able to review it one more time? thanks a lot and sorry for wasting your time with all these commits.. |
|
Docker image for this PR was built and is available on Docker Hub. You can pull it locally via the CLI: docker pull tomkerkhove/promitor-agent-scraper-ci:pr946-linuxWant to verify the new version? Run it locally: docker run -d -p 8999:80 --name promitor-agent-scraper-pr946-linux \
--env PROMITOR_AUTH_APPID='<azure-ad-app-id>' \
--env-file C:/Promitor/az-mon-auth.creds \
--volume C:/Promitor/metrics-declaration.yaml:/config/metrics-declaration.yaml \
--volume C:/Promitor/runtime-config.yaml:/config/runtime.yaml \
tomkerkhove/promitor-agent-scraper-ci:pr946-linuxYou can find a CI version of our Helm chart on hub.helm.sh |
|
No worries at all @etiennetremel, I'm more than happy to review and I konw how these things go 😅 I was wondering - I saw that the name logic was reverted, was this on purpose or by accident? |
|
Docker image for this PR was built and is available on Docker Hub. You can pull it locally via the CLI: docker pull tomkerkhove/promitor-agent-scraper-ci:pr946-linuxWant to verify the new version? Run it locally: docker run -d -p 8999:80 --name promitor-agent-scraper-pr946-linux \
--env PROMITOR_AUTH_APPID='<azure-ad-app-id>' \
--env-file C:/Promitor/az-mon-auth.creds \
--volume C:/Promitor/metrics-declaration.yaml:/config/metrics-declaration.yaml \
--volume C:/Promitor/runtime-config.yaml:/config/runtime.yaml \
tomkerkhove/promitor-agent-scraper-ci:pr946-linuxYou can find a CI version of our Helm chart on hub.helm.sh |
|
Ready to go from my side! I presume you've tested this change, right 😅 |
|
You can give it a try, we have been using this configuration since the beginning of the week. |
|
Docker image for this PR was built and is available on Docker Hub. You can pull it locally via the CLI: docker pull tomkerkhove/promitor-agent-scraper-ci:pr946-linuxWant to verify the new version? Run it locally: docker run -d -p 8999:80 --name promitor-agent-scraper-pr946-linux \
--env PROMITOR_AUTH_APPID='<azure-ad-app-id>' \
--env-file C:/Promitor/az-mon-auth.creds \
--volume C:/Promitor/metrics-declaration.yaml:/config/metrics-declaration.yaml \
--volume C:/Promitor/runtime-config.yaml:/config/runtime.yaml \
tomkerkhove/promitor-agent-scraper-ci:pr946-linuxYou can find a CI version of our Helm chart on hub.helm.sh |
|
Thanks man! |
Add support for Kubernetes clusters enforcing pod security policy.
Closes #951
Closes #952