Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ALT-828 Allow DRC2 calls with SPIRE #99

Merged
merged 1 commit into from
Jan 3, 2024
Merged

ALT-828 Allow DRC2 calls with SPIRE #99

merged 1 commit into from
Jan 3, 2024

Conversation

dgloe-hpe
Copy link
Contributor

Summary and Scope

The DRC2 feature uses a new "ogopogod" API with SPIRE. Add this to the OPA policy to enable this feature.

Issues and Related PRs

Testing

Tested on:

  • Local development environment

Test description:

Tested with unit tests.

  • Were the install/upgrade-based validation checks/tests run (goss tests/install-validation doc)? No
  • Were continuous integration tests run? If not, why? No
  • Was upgrade tested? If not, why? No
  • Was downgrade tested? If not, why? No
  • Were new tests (or test issues/Jiras) created for this change? Yes

Risks and Mitigations

If the WLM SPIRE client secret is leaked, the attacker will be able to configure DRC2 VNIs on the system. This can be mitigated by revoking and regenerating the WLM client secret.

Pull Request Checklist

  • Version number(s) incremented, if applicable
  • Copyrights updated
  • License file intact
  • Target branch correct
  • CHANGELOG.md updated
  • Testing is appropriate and complete, if applicable
  • HPC Product Announcement prepared, if applicable

@dgloe-hpe
ALT-828 Allow DRC2 calls with SPIRE
8117bd1 
The DRC2 feature uses a new "ogopogod" API with SPIRE. Add this to the
OPA policy to enable this feature.
@dgloe-hpe dgloe-hpe requested a review from a team as a code owner December 19, 2023 17:22
@dgloe-hpe
Copy link
Contributor Author

Could someone please merge this for me? I don't have permission to do so.

@ndavidson-hpe
Copy link
Contributor

Could someone please merge this for me? I don't have permission to do so.

Do you need someone to make a release as well?

@ndavidson-hpe ndavidson-hpe merged commit 54fac3e into master Jan 3, 2024
3 of 4 checks passed
@dgloe-hpe
Copy link
Contributor Author

Could someone please merge this for me? I don't have permission to do so.

Do you need someone to make a release as well?

I'm not familiar with the release process for this repo. If someone could do that for me (or point me to instructions), that would be great.

@ndavidson-hpe
Copy link
Contributor

Could someone please merge this for me? I don't have permission to do so.

Do you need someone to make a release as well?

I'm not familiar with the release process for this repo. If someone could do that for me (or point me to instructions), that would be great.

I have created the release. It will generate the chart and store it in the stable section on artifactory. It will then need a PR to the CSM repo to pull in the correct chart version.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bo-quan bo-quan bo-quan approved these changes

@kimjensen-hpe kimjensen-hpe kimjensen-hpe approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@dgloe-hpe @ndavidson-hpe @bo-quan @kimjensen-hpe