Add initial documentation for the helm-charts-hardened chart #290
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kfox1111
requested review from
sanderson042,
mchurichi,
ajessup,
Andres-GC,
evan2645 and
umairmkhan
as code owners
✅ Deploy Preview for spiffe ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
kfox1111
changed the title
kfox1111
changed the title
kfox1111
force-pushed
the
helm-charts-hardened
branch
from
318f0a0
to
7ccc531
Compare
mrsabath
reviewed
Jan 12, 2024
kfox1111
commented
Jan 23, 2024
content/docs/latest/spire-helm-charts-hardened-about/installation.md
Outdated
Show resolved
Hide resolved
kfox1111
force-pushed
the
helm-charts-hardened
branch
from
9d26f86
to
429692c
Compare
content/docs/latest/spire-helm-charts-hardened-about/installation.md
Outdated
Show resolved
Hide resolved
content/docs/latest/spire-helm-charts-hardened-about/installation.md
Outdated
Show resolved
Hide resolved
content/docs/latest/spire-helm-charts-hardened-about/installation.md
Outdated
Show resolved
Hide resolved
content/docs/latest/spire-helm-charts-hardened-about/installation.md
Outdated
Show resolved
Hide resolved
content/docs/latest/spire-helm-charts-hardened-about/installation.md
Outdated
Show resolved
Hide resolved
content/docs/latest/spire-helm-charts-hardened-about/namespaces.md
Outdated
Show resolved
Hide resolved
content/docs/latest/spire-helm-charts-hardened-about/namespaces.md
Outdated
Show resolved
Hide resolved
content/docs/latest/spire-helm-charts-hardened-about/namespaces.md
Outdated
Show resolved
Hide resolved
content/docs/latest/spire-helm-charts-hardened-about/namespaces.md
Outdated
Show resolved
Hide resolved
content/docs/latest/spire-helm-charts-hardened-about/namespaces.md
Outdated
Show resolved
Hide resolved
content/docs/latest/spire-helm-charts-hardened-about/upgrading.md
Outdated
Show resolved
Hide resolved
kfox1111
force-pushed
the
helm-charts-hardened
branch
from
dd15693
to
60f6994
Compare
faisal-memon
approved these changes
Mar 5, 2024
|
I am taking a look at this and #293 - which should I look at first / primarily? |
|
Anything I can do to help get this merged? It would be very beneficial to users to have docs they can use soon. |
|
I don't have merging powers unfortunately - I'm just going through to make sure I can follow the instructions / that they work / etc. Once complete I'll post another comment here :) |
mchurichi
reviewed
Mar 28, 2024
content/docs/latest/spire-helm-charts-hardened-about/exposing.md
Outdated
Show resolved
Hide resolved
content/docs/latest/spire-helm-charts-hardened-about/recommendations.md
Outdated
Show resolved
Hide resolved
|
|
||
| ## Strict Mode | ||
|
|
||
| Option `global.spire.recommendations.strictMode` adds additional checks on the configuration to help ensure your configuration is production ready. |
There was a problem hiding this comment.
Is there somewhere readers can learn more about what these additional checks are?
There was a problem hiding this comment.
It mostly makes sure they explicitly set stuff like, the trust domain, cluster name, and ca related settings. Basically all of the settings that were mentioned in the production installation instructions. Would it be helpful to try and document it here and keep it in sync with the chart, or we could refer back to the install instructions?
There was a problem hiding this comment.
Oh it makes sense now. I thought it automatically sets some settings like enhanced recommendations. A link to the install instructions should work.
content/docs/latest/spire-helm-charts-hardened-about/identifiers.md
Outdated
Show resolved
Hide resolved
content/docs/latest/spire-helm-charts-hardened-about/identifiers.md
Outdated
Show resolved
Hide resolved
content/docs/latest/spire-helm-charts-hardened-about/identifiers.md
Outdated
Show resolved
Hide resolved
content/docs/latest/spire-helm-charts-hardened-about/namespaces.md
Outdated
Show resolved
Hide resolved
content/docs/latest/spire-helm-charts-hardened-advanced/mirror.md
Outdated
Show resolved
Hide resolved
kfox1111
commented
Mar 28, 2024
content/docs/latest/spire-helm-charts-hardened-about/recommendations.md
Outdated
Show resolved
Hide resolved
|
@mchurichi Thank you for the review! :) |
Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> Co-authored-by: Maximiliano Churichi <mchurichi@gmail.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
…ations.md Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
kfox1111
force-pushed
the
helm-charts-hardened
branch
from
9038896
to
0244584
Compare
mchurichi
reviewed
Apr 2, 2024
|
|
||
| ## Strict Mode | ||
|
|
||
| Option `global.spire.recommendations.strictMode` adds additional checks on the configuration to help ensure your configuration is production ready. |
There was a problem hiding this comment.
Oh it makes sense now. I thought it automatically sets some settings like enhanced recommendations. A link to the install instructions should work.
content/docs/latest/spire-helm-charts-hardened-about/recommendations.md
Outdated
Show resolved
Hide resolved
Signed-off-by: Volkan Özçelik <ovolkan@vmware.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> Co-authored-by: Maximiliano Churichi <mchurichi@gmail.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
kfox1111
force-pushed
the
helm-charts-hardened
branch
from
95ded58
to
6a3be63
Compare
mchurichi
approved these changes
Apr 3, 2024
|
Anything left to do to merge? |
mchurichi
reviewed
Apr 3, 2024
content/docs/latest/spire-helm-charts-hardened-about/recommendations.md
Outdated
Show resolved
Hide resolved
Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov>
quintessence
added a commit
to quintessence/spiffe.io-fork
that referenced
this pull request
May 7, 2024
) * Adds PR template Signed-off-by: Maximiliano Churichi <mchurichi@gmail.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add support for building/testing with podman Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add initial documentation for the help-charts-hardened chart Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add ingress documentation Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add basic federation docs and misc fixes Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add recommendations, some nested spire docs, and misc changes Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Remove unneeded bits Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add Namespace documentation Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add initial mirroring docs Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update docs for external agents Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Can't use controller manager with join tokens Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * More examples Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Make image better Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update diagrams Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update things Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Reorder docs Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * More updates Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add join token details Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Better diagram Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Break out ready docs from nonready Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update content/docs/latest/spire-helm-charts-hardened-about/installation.md Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Fix typo Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Add support for building/testing with podman (spiffe#289) * Add support for building/testing with podman Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update Makefile Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> --------- Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update content/docs/latest/spire-helm-charts-hardened-about/exposing.md Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update content/docs/latest/spire-helm-charts-hardened-about/exposing.md Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update content/docs/latest/spire-helm-charts-hardened-about/identifiers.md Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Removed HeadBucket Signed-off-by: Quintessence <quintessenceanx@gmail.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update install instructions Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> Co-authored-by: Maximiliano Churichi <mchurichi@gmail.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Update content/docs/latest/spire-helm-charts-hardened-about/recommendations.md Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * add VMware Secrets Manager as a consumer (spiffe#301) Signed-off-by: Volkan Özçelik <ovolkan@vmware.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Apply suggestions from code review Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> Co-authored-by: Maximiliano Churichi <mchurichi@gmail.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> * Incorperate feedback Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> --------- Signed-off-by: Maximiliano Churichi <mchurichi@gmail.com> Signed-off-by: Kevin Fox <Kevin.Fox@pnnl.gov> Signed-off-by: kfox1111 <Kevin.Fox@pnnl.gov> Signed-off-by: Quintessence <quintessenceanx@gmail.com> Signed-off-by: Volkan Özçelik <ovolkan@vmware.com> Co-authored-by: Maximiliano Churichi <mchurichi@gmail.com> Co-authored-by: Faisal Memon <fymemon@yahoo.com> Co-authored-by: Quintessence <quintessenceanx@gmail.com> Co-authored-by: Volkan Özçelik <volkan.ozcelik@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.