Add aws_pca to the spire-server #404

PetrMc · 2023-07-25T23:28:33Z

This change allows aws_pca to be configured via values of this chart.

Requires 1.7.1 version per bug - this will not work until 1.7.1 is released.

Signed-off-by: Petr McAllister <petr.mcallister@gmail.com>

marcofranssen

LGTM

charts/spire/charts/spire-server/values.yaml

kfox1111

Thank you so much for working on this.

A few formatting changes to follow convention are suggested inline.

charts/spire/charts/spire-server/values.yaml

Co-authored-by: Marco Franssen <marco.franssen@gmail.com> Co-authored-by: kfox1111 <Kevin.Fox@pnnl.gov> Signed-off-by: Petr McAllister <petr@tetrate.io>

Signed-off-by: Petr McAllister <petr.mcallister@gmail.com>

kfox1111

Thanks for the update. Some comments inline.

charts/spire/charts/spire-server/values.yaml

Signed-off-by: Petr McAllister <petr.mcallister@gmail.com>

Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>

kfox1111

LGTM

* d2e1606 issuer naming should respect issuer_name override (#378) * a2e5c36 Bump test chart dependencies (#416) * a09e054 support annotations so oidc can be annotated (#391) * 7d94b10 Update spire to 1.7.1 (#412) * 9f4d4ac Add aws_pca to the spire-server (#404) * af13f1f Bump test chart dependencies (#401) * 9a6768b Add support for disabling container selectors (#399) * 4687e20 Merge pull request #315 from spiffe/persistence-type * e16210c Merge branch 'main' into persistence-type * 624ca9c Remove misadded lockfile (#400) * 7ce67c6 Bump actions/checkout from 3.5.2 to 3.5.3 (#395) * b85ba64 Bump helm/kind-action from 1.7.0 to 1.8.0 (#396) * a6bdb4d Add persistence type flag Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* 5e2e8a9 Adds AWS KMS KeyManager support (#435) * 77fe43f Cron job to check for and update images (#249) * b7e1525 Allow job hooks to be disabled (#434) * 5e4cf6f Clarify project issues identified with nesting document (#450) * 7289351 Update spire bits to 1.7.2 (#452) * dc8a454 Array spacing in values is incorrect in a file. (#451) * 94326d9 Fixup Helm docs * ae8941c Support Nested Spire with External Agent (#117) * f40743d Improve Tornjak documentation (#439) * 0124f63 Bypass example-test for docs only changes (#449) * 48a2898 Fix chainguard image references as per issue 442 (#443) * bd393e9 Bump test chart dependencies (#445) * a52818a Add a FAQ and switch rare issue from README to it (#437) * e60f528 option to set KeyManager memory in spire server (#444) * a167ce6 Bump actions/setup-go from 4.0.1 to 4.1.0 * e774584 Bump test chart dependencies (#426) * bfec27e Fix jwtIssuer to allow for Uris including scheme (#425) * 7a6e4f8 Change Tornjak backend default port (#436) * 1e3039c Bump spire Helm Chart version from 0.11.0 to 0.11.1 (#419) * d2e1606 issuer naming should respect issuer_name override (#378) * a2e5c36 Bump test chart dependencies (#416) * a09e054 support annotations so oidc can be annotated (#391) * 7d94b10 Update spire to 1.7.1 (#412) * 9f4d4ac Add aws_pca to the spire-server (#404) * af13f1f Bump test chart dependencies (#401) * 9a6768b Add support for disabling container selectors (#399) * 4687e20 Merge pull request #315 from spiffe/persistence-type * e16210c Merge branch 'main' into persistence-type * 624ca9c Remove misadded lockfile (#400) * 7ce67c6 Bump actions/checkout from 3.5.2 to 3.5.3 (#395) * b85ba64 Bump helm/kind-action from 1.7.0 to 1.8.0 (#396) * a6bdb4d Add persistence type flag Signed-off-by: Marco Franssen <marco.franssen@gmail.com>

Please review the below changelog to ensure this matches up with the semantic version being applied. > **Note**: **Maintainers** ensure to run following after merging this PR to trigger the release workflow: > > ```shell > git checkout main > git pull > git checkout release > git pull > git merge main > git push > ``` **Changes in this release** * 5e2e8a9 Adds AWS KMS KeyManager support (#435) * 77fe43f Cron job to check for and update images (#249) * b7e1525 Allow job hooks to be disabled (#434) * 5e4cf6f Clarify project issues identified with nesting document (#450) * 7289351 Update spire bits to 1.7.2 (#452) * dc8a454 Array spacing in values is incorrect in a file. (#451) * 94326d9 Fixup Helm docs * ae8941c Support Nested Spire with External Agent (#117) * f40743d Improve Tornjak documentation (#439) * 0124f63 Bypass example-test for docs only changes (#449) * 48a2898 Fix chainguard image references as per issue 442 (#443) * bd393e9 Bump test chart dependencies (#445) * a52818a Add a FAQ and switch rare issue from README to it (#437) * e60f528 option to set KeyManager memory in spire server (#444) * a167ce6 Bump actions/setup-go from 4.0.1 to 4.1.0 * e774584 Bump test chart dependencies (#426) * bfec27e Fix jwtIssuer to allow for Uris including scheme (#425) * 7a6e4f8 Change Tornjak backend default port (#436) * 1e3039c Bump spire Helm Chart version from 0.11.0 to 0.11.1 (#419) * d2e1606 issuer naming should respect issuer_name override (#378) * a2e5c36 Bump test chart dependencies (#416) * a09e054 support annotations so oidc can be annotated (#391) * 7d94b10 Update spire to 1.7.1 (#412) * 9f4d4ac Add aws_pca to the spire-server (#404) * af13f1f Bump test chart dependencies (#401) * 9a6768b Add support for disabling container selectors (#399) * 4687e20 Merge pull request #315 from spiffe/persistence-type * e16210c Merge branch 'main' into persistence-type * 624ca9c Remove misadded lockfile (#400) * 7ce67c6 Bump actions/checkout from 3.5.2 to 3.5.3 (#395) * b85ba64 Bump helm/kind-action from 1.7.0 to 1.8.0 (#396) * a6bdb4d Add persistence type flag Signed-off-by: Marco Franssen <marco.franssen@gmail.com>

PetrMc requested review from marcofranssen, kfox1111, developer-guy, dfeldman, faisal-memon, mrsabath and edwbuck as code owners July 25, 2023 23:28

Add aws_pca to the spire-server

4cde8e5

Signed-off-by: Petr McAllister <petr.mcallister@gmail.com>

PetrMc force-pushed the main branch from 4764e66 to 4cde8e5 Compare July 25, 2023 23:37

marcofranssen approved these changes Jul 27, 2023

View reviewed changes

charts/spire/charts/spire-server/values.yaml Outdated Show resolved Hide resolved

kfox1111 reviewed Jul 27, 2023

View reviewed changes

charts/spire/charts/spire-server/values.yaml Outdated Show resolved Hide resolved

charts/spire/charts/spire-server/values.yaml Outdated Show resolved Hide resolved

Petr McAllister and others added 2 commits July 27, 2023 09:50

Apply suggestions from code review

20d1ffb

Co-authored-by: Marco Franssen <marco.franssen@gmail.com> Co-authored-by: kfox1111 <Kevin.Fox@pnnl.gov> Signed-off-by: Petr McAllister <petr@tetrate.io>

Applying camelCase

5dbe4d7

Signed-off-by: Petr McAllister <petr.mcallister@gmail.com>

kfox1111 reviewed Jul 27, 2023

View reviewed changes

PetrMc and others added 3 commits July 27, 2023 12:03

Fix ARM spelling, regenerate READMEs

f22a33f

Signed-off-by: Petr McAllister <petr.mcallister@gmail.com>

Merge branch 'main' into main

7605fd6

Fix whitespace issue

7d3c0d2

Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>

kfox1111 approved these changes Jul 27, 2023

View reviewed changes

kfox1111 merged commit 9f4d4ac into spiffe:main Jul 27, 2023
18 of 19 checks passed

faisal-memon added this to the 0.12.0 milestone Jul 31, 2023

marcofranssen mentioned this pull request Aug 18, 2023

Bump spire Helm Chart version from 0.11.1 to 0.12.0 #455

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add aws_pca to the spire-server #404

Add aws_pca to the spire-server #404

PetrMc commented Jul 25, 2023

marcofranssen left a comment

kfox1111 left a comment

kfox1111 left a comment

kfox1111 left a comment

Add aws_pca to the spire-server #404

Add aws_pca to the spire-server #404

Conversation

PetrMc commented Jul 25, 2023

marcofranssen left a comment

Choose a reason for hiding this comment

kfox1111 left a comment

Choose a reason for hiding this comment

kfox1111 left a comment

Choose a reason for hiding this comment

kfox1111 left a comment

Choose a reason for hiding this comment