Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add additional env variables to fulcio chart #790

Open
wants to merge 6 commits into
base: main
Choose a base branch
from

Conversation

Racer159
Copy link

Description of the change

Support GCP credentials for external cloud provider workloads and add additional env vars for specifying values like VAULT_ADDR

Existing or Associated Issue(s)

This is a repickup of #530

Additional Information

Checklist

  • Chart version bumped in Chart.yaml according to semver. Where applicable, update and bump the versions in any associated umbrella chart
  • Variables are documented in the values.yaml and added to the README.md. The helm-docs utility can be used to generate the necessary content. Use helm-docs --dry-run to preview the content.
  • JSON Schema generated.
  • List tests pass for Chart using the Chart Testing tool and the ct lint command.

@Racer159 Racer159 force-pushed the feat/fulcio-env-gcp branch from dbd368c to 674cab3 Compare July 29, 2024 22:17
@Racer159
Copy link
Author

Racer159 commented Jul 30, 2024

On this though would it make sense to use a pattern more similar to Rekor for extra env vars? https://github.com/sigstore/helm-charts/blob/main/charts/rekor/templates/server/deployment.yaml#L105 - it may be nice in many cases to pull env vars from secrets rather than pass them through Helm values. (i.e. VAULT_TOKEN - this env var would likely ideally come through a secret or be an extra volume mount)

@Racer159 Racer159 force-pushed the feat/fulcio-env-gcp branch from 674cab3 to de59237 Compare August 4, 2024 20:09
Racer159 and others added 6 commits August 7, 2024 11:49
Support GCP credentials for external cloud provider workloads

Co-authored-by: saisatish karra <[email protected]>
Signed-off-by: Wayne Starr <[email protected]>
Co-authored-by: saisatish karra <[email protected]>
Signed-off-by: Wayne Starr <[email protected]>
Co-authored-by: saisatish karra <[email protected]>
Signed-off-by: Wayne Starr <[email protected]>
Co-authored-by: saisatish karra <[email protected]>
Signed-off-by: Wayne Starr <[email protected]>
Signed-off-by: Wayne Starr <[email protected]>
@Racer159 Racer159 force-pushed the feat/fulcio-env-gcp branch from de59237 to a2f7ddf Compare August 7, 2024 17:50
@Racer159
Copy link
Author

Racer159 commented Aug 7, 2024

(would also like to make a similar change to the rekor chart - could do that in this PR or a separate one - currently there is a way to force things to work but it isn't a great solution: https://github.com/defenseunicorns/uds-package-sigstore/blob/main/bundle/uds-bundle.yaml#L52)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant