Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use projected token mount for terraformer #399

Merged
merged 1 commit into from
Mar 14, 2022
Merged

Use projected token mount for terraformer #399

merged 1 commit into from
Mar 14, 2022

Conversation

rfranzke
Copy link
Member

@rfranzke rfranzke commented Mar 2, 2022

How to categorize this PR?

/area security
/kind enhancement

What this PR does / why we need it:
This PR enables projected token mounts for the terraformer pods.

Which issue(s) this PR fixes:
Part of gardener/gardener#4659
Part of gardener/gardener#4878

Release note:

The `terraformer` pod deployed as part of shoot control planes is now using auto-rotated `ServiceAccount` tokens when communicating with the seed cluster.

@rfranzke rfranzke requested review from a team as code owners March 2, 2022 15:22
@rfranzke
Copy link
Member Author

rfranzke commented Mar 2, 2022

/test

@gardener-robot gardener-robot added area/security Security related kind/enhancement Enhancement, improvement, extension labels Mar 2, 2022
@testmachinery
Copy link

testmachinery bot commented Mar 2, 2022
edited
Loading

Testrun: e2e-vrxtk
Workflow: e2e-vrxtk-wf
Phase: Succeeded

+---------------------+---------------------+-----------+----------+
|        NAME         |        STEP         |   PHASE   | DURATION |
+---------------------+---------------------+-----------+----------+
| bastion-test        | bastion-test        | Succeeded | 7m51s    |
| infrastructure-test | infrastructure-test | Succeeded | 9m3s     |
+---------------------+---------------------+-----------+----------+

@gardener-robot gardener-robot added needs/review Needs review size/s Size of pull request is small (see gardener-robot robot/bots/size.py) labels Mar 2, 2022
@gardener-robot-ci-3 gardener-robot-ci-3 added reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) needs/ok-to-test Needs approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Mar 2, 2022
kon-angelo
kon-angelo approved these changes Mar 14, 2022
View reviewed changes
Copy link
Contributor

@kon-angelo kon-angelo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@gardener-robot gardener-robot added reviewed/lgtm Has approval for merging and removed needs/review Needs review labels Mar 14, 2022
@kon-angelo kon-angelo merged commit 8bc1870 into gardener:master Mar 14, 2022
@rfranzke rfranzke deleted the enh/tf branch March 14, 2022 14:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kon-angelo kon-angelo kon-angelo approved these changes

Assignees
No one assigned
Labels
area/security Security related kind/enhancement Enhancement, improvement, extension needs/ok-to-test Needs approval for testing (check PR in detail before setting this label because PR is run on CI/CD) reviewed/lgtm Has approval for merging size/s Size of pull request is small (see gardener-robot robot/bots/size.py)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@rfranzke @kon-angelo @gardener-robot-ci-3 @gardener-robot