-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[SECURESIGN-570] Rekor add options to set trillian_log_server #196
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it will be better to change the API to something like this:
spec:
trillian:
address: trillian.example.com
port: 8091
current state has problem that Trillain instance has to be installed in same cluster as Rekor which is unnecessary limitation. It will be much more flexibel for example:
- set ip address instead of dns record
- usage of API Gateway
- external DNS name
You can set address and port default values to make default deployment simple and configure these options if changes are required.
Default values:
- address = trillian-logserver.svc
- port = 8091
I think that you can skip helm chart for testing it and use only Operator. Trillian and Rekor should be possible to install separately via Operator CRD. Trillain in trillian-system namespace
Rekor in rekor-system namespace
|
b54eb19
to
bbc3f09
Compare
9ac0924
to
a742eff
Compare
887fb36
to
915a219
Compare
b004db2
to
b3f554e
Compare
/retest |
779d721
to
3a44319
Compare
3ac2412
to
2af8eec
Compare
02f11e4
to
09b1954
Compare
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: bouskaJ, osmman, tommyd450 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
#79
First actual pass at a pr for this, creating the yaml with the "externalTrillian" field added as well as providing the treeID of that trillian instance worked seemingly though I would love for someone else to take a brief look.
My process for testing this was installing the helm chart and pointing the the operators rekor-server at the trillian-system namespace and providing its TreeID.