Support hybrid nodes with different attestors or config #218
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
…nto direct-tpm-agent Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov>
In some clusters, you may have a mix of nodes with differing attestor needs. For example, some nodes have hardware TPMs and some without. This patch enables configuring multiple daemonsets for the agent that you can target to pools of nodes. Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
kfox1111
requested review from
marcofranssen,
dfeldman,
faisal-memon and
mrsabath
as code owners
Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
…elm-charts-hardened into direct-tpm-agent-hybrid Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov>
Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
…elm-charts-hardened into direct-tpm-agent-hybrid Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
kfox1111
force-pushed
the
direct-tpm-agent-hybrid
branch
from
2d7b459 to
811307d
Compare
Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
Fixes: #220 Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov>
Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov>
faisal-memon
reviewed
Mar 7, 2024
Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov>
Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
faisal-memon
approved these changes
Mar 20, 2024
Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
anhpatel
pushed a commit
to thetradedesk/helm-charts-hardened
that referenced
this pull request
Mar 26, 2024
* Add direct tpm support for spire-agent Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add fingerprinting support Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add example Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update charts/spire/charts/spire-agent/templates/configmap.yaml Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> * Support hybrid nodes with different attestors In some clusters, you may have a mix of nodes with differing attestor needs. For example, some nodes have hardware TPMs and some without. This patch enables configuring multiple daemonsets for the agent that you can target to pools of nodes. Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Remove extra slash Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update docs Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update charts/spire/charts/spire-agent/templates/configmap.yaml Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> * Fix broken tests Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add daemonset labels Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add temporary upgrade hook Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix docs Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix include Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add missing values Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix perms, add upgrade note Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix hardcoded nodeAttestor and keyManager in spire-agent Fixes: spiffe#220 Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix merge issues Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix unit tests Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Pass the agent's securityContext on to Kubernetes Currently its ignored. Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update example to be usable Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> * Update example Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix merge conflict issue Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update to the newest release Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> * Fix version numbers in docs Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Remove merge conflicted extra code Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> --------- Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu>
anhpatel
pushed a commit
to thetradedesk/helm-charts-hardened
that referenced
this pull request
Mar 26, 2024
* 72768ec Support hybrid nodes with different attestors or config (spiffe#218) * 5299642 Bump test chart dependencies * 36e9315 Add external k8s bundler (spiffe#270) * ef610df Complete Server K8S PSAT support (spiffe#242) * d96271c Bump test chart dependencies (spiffe#282) Signed-off-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu>
faisal-memon
added a commit
that referenced
this pull request
Mar 27, 2024
* Bump spire Helm Chart version from 0.18.1 to 0.18.2 * fd3b7d5 Fix duplicate securityContext section in spire-agent (#279) Signed-off-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Add spire-server as deployment Signed-off-by: aniket patel <aniket.patel@thetradedesk.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Add stateless-server example Signed-off-by: aniket patel <aniket.patel@thetradedesk.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Update README.md to add deploymentType Signed-off-by: anhpatel <162738027+anhpatel@users.noreply.github.com> Signed-off-by: aniket patel <aniket.patel@thetradedesk.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Set hpa type based on deploymentType Signed-off-by: aniket patel <aniket.patel@thetradedesk.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Change deploymentType values to lowercase in README Signed-off-by: aniket patel <aniket.patel@thetradedesk.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Update readme for stateless-server Signed-off-by: aniket patel <aniket.patel@thetradedesk.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Revert README changes Signed-off-by: aniket patel <aniket.patel@thetradedesk.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Update readme for deploymentType Signed-off-by: aniket patel <aniket.patel@thetradedesk.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Failure handling only when deployment type checked Signed-off-by: aniket patel <aniket.patel@thetradedesk.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Fix issue with tests not running on automated PRs (#266) * Use github app for version checker Signed-off-by: Faisal Memon <fymemon@yahoo.com> * Use full version Signed-off-by: Faisal Memon <fymemon@yahoo.com> --------- Signed-off-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Bump test chart dependencies (#282) Co-authored-by: marcofranssen <694733+marcofranssen@users.noreply.github.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Bump peter-evans/create-pull-request from 6.0.1 to 6.0.2 (#283) Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.1 to 6.0.2. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@v6.0.1...v6.0.2) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Complete Server K8S PSAT support (#242) * Complete Server K8S PSAT support Add all the SPIRE Server supported options for the K8S PSAT attestor. This retains the ease of use for configuring local cluster support while adding the ability to configure multiple/external clusters as well. Kubeconfig support is added in its own config block as it will be used/shared with spire-controller-manager support in the future. Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix merge conflict Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add support for integration tests in the tests/integration dir Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix split issue and typo Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add basic psat test Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix linter Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix up test Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add missing file Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Better encode config Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update charts/spire/charts/spire-server/values.yaml Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> * Update docs Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> * Fix docs Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update charts/spire/charts/spire-server/values.yaml Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> * Fix docs Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update default Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix config file layout. Incorperate feedback. Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix up kind Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> --------- Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Add external k8s bundler (#270) * Complete Server K8S PSAT support Add all the SPIRE Server supported options for the K8S PSAT attestor. This retains the ease of use for configuring local cluster support while adding the ability to configure multiple/external clusters as well. Kubeconfig support is added in its own config block as it will be used/shared with spire-controller-manager support in the future. Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix merge conflict Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add support for integration tests in the tests/integration dir Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix split issue and typo Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add basic psat test Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix linter Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix up test Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add missing file Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Better encode config Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update charts/spire/charts/spire-server/values.yaml Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> * Update docs Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> * Fix docs Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update charts/spire/charts/spire-server/values.yaml Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> * Fix docs Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add external k8s bundler Adds support to sync the CA bundle to configmaps in external Kubernetes clusters Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update default Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix config file layout. Incorperate feedback. Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update based on parent pr feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Reformat config file Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix some things Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Reconfigure kind Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * More debugging Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix up kind Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> --------- Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Bump helm.sh/helm/v3 from 3.14.2 to 3.14.3 in /tests (#285) Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.2 to 3.14.3. - [Release notes](https://github.com/helm/helm/releases) - [Commits](helm/helm@v3.14.2...v3.14.3) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Bump docker/login-action from 3.0.0 to 3.1.0 (#286) Bumps [docker/login-action](https://github.com/docker/login-action) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@v3...v3.1.0) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Bump test chart dependencies Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Bump github.com/onsi/gomega from 1.31.1 to 1.32.0 in /tests (#291) Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.31.1 to 1.32.0. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.31.1...v1.32.0) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Bump github.com/onsi/ginkgo/v2 from 2.16.0 to 2.17.0 in /tests (#292) Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.16.0 to 2.17.0. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.16.0...v2.17.0) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Update examples/stateless-server/README.md Co-authored-by: kfox1111 <Kevin.Fox@pnnl.gov> Signed-off-by: anhpatel <162738027+anhpatel@users.noreply.github.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Update charts/spire/charts/spire-server/templates/hpa.yaml Co-authored-by: kfox1111 <Kevin.Fox@pnnl.gov> Signed-off-by: anhpatel <162738027+anhpatel@users.noreply.github.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Update examples/stateless-server/README.md Co-authored-by: kfox1111 <Kevin.Fox@pnnl.gov> Signed-off-by: anhpatel <162738027+anhpatel@users.noreply.github.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Update examples/stateless-server/README.md Co-authored-by: kfox1111 <Kevin.Fox@pnnl.gov> Signed-off-by: anhpatel <162738027+anhpatel@users.noreply.github.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Move spire-server pod spec to _pod_spec Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Support hybrid nodes with different attestors or config (#218) * Add direct tpm support for spire-agent Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add fingerprinting support Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add example Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update charts/spire/charts/spire-agent/templates/configmap.yaml Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> * Support hybrid nodes with different attestors In some clusters, you may have a mix of nodes with differing attestor needs. For example, some nodes have hardware TPMs and some without. This patch enables configuring multiple daemonsets for the agent that you can target to pools of nodes. Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Remove extra slash Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update docs Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update charts/spire/charts/spire-agent/templates/configmap.yaml Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> * Fix broken tests Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add daemonset labels Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add temporary upgrade hook Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix docs Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix include Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add missing values Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix perms, add upgrade note Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix hardcoded nodeAttestor and keyManager in spire-agent Fixes: #220 Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix merge issues Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix unit tests Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Pass the agent's securityContext on to Kubernetes Currently its ignored. Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update example to be usable Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> * Update example Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix merge conflict issue Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update to the newest release Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> * Fix version numbers in docs Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Remove merge conflicted extra code Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> --------- Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Change production example to be an integration test (#237) * Change production example to be an integration test The documentation is a better example then the test now. Separate the two. Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix job name reference Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix job name reference Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update postgresql example Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update mysql example Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update nested and mysql Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix typo Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add support for integration tests in the tests/integration dir Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix split issue and typo Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix split issue Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Try folding example your values into bash so that its not laying around in an fs for a user to accidently use. Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix test Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix test Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix test Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix test Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix test Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix test Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Cleanup Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> --------- Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Remove production values reference Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Update charts/spire/charts/spire-server/templates/pre-delete-hook.yaml Co-authored-by: kfox1111 <Kevin.Fox@pnnl.gov> Signed-off-by: anhpatel <162738027+anhpatel@users.noreply.github.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Update examples/stateless-server/run-tests.sh Co-authored-by: kfox1111 <Kevin.Fox@pnnl.gov> Signed-off-by: anhpatel <162738027+anhpatel@users.noreply.github.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Bump spire Helm Chart version from 0.18.2 to 0.19.0 * 72768ec Support hybrid nodes with different attestors or config (#218) * 5299642 Bump test chart dependencies * 36e9315 Add external k8s bundler (#270) * ef610df Complete Server K8S PSAT support (#242) * d96271c Bump test chart dependencies (#282) Signed-off-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Fix production test (#297) Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Bump test chart dependencies (#299) Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: marcofranssen <694733+marcofranssen@users.noreply.github.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Bump github.com/onsi/ginkgo/v2 from 2.17.0 to 2.17.1 in /tests (#298) Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.17.0 to 2.17.1. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.17.0...v2.17.1) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: kfox1111 <Kevin.Fox@pnnl.gov> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Fix documentation issue (#300) Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Move statefulset and deployment to server-resource Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> * Change deploymentType to kind Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> --------- Signed-off-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: aniket patel <apatel10@alumni.ncsu.edu> Signed-off-by: aniket patel <aniket.patel@thetradedesk.com> Signed-off-by: anhpatel <162738027+anhpatel@users.noreply.github.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Faisal Memon <fymemon@yahoo.com> Co-authored-by: aniket patel <aniket.patel@thetradedesk.com> Co-authored-by: spire-helm-version-checker[bot] <161522935+spire-helm-version-checker[bot]@users.noreply.github.com> Co-authored-by: marcofranssen <694733+marcofranssen@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: kfox1111 <Kevin.Fox@pnnl.gov>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In some clusters, you may have a mix of nodes with differing attestor or config
needs. For example, some nodes have hardware TPMs and some without.
This patch enables configuring multiple daemonsets for the agent
that you can target to pools of nodes.