Add DeploymentConfigs as app identity in Jenkins OpenShift CI #115
Labels
Comments
This was referenced Oct 23, 2020
diverdane
pushed a commit
that referenced
this issue
Oct 23, 2020
This change adds a test for using DeploymentConfigs OpenShift resources
as application identity for Conjur authn-k8s authentication.
This change depends upon a change in a change to the kubernetes-conjur-deploy
scripts:
cyberark/kubernetes-conjur-deploy#158
This will allow the authn-k8s plugin to compare an application's
DeploymentConfig with DeploymentConfigs that are permitted (via annotations)
in Conjur policy.
Addresses Issue #115
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
Currently, the Jenkins Openshift CI does not include the use of
DeploymentConfigsOpenShiftresource as application identity for authn-k8s. This should be included in the tests.
This change to the kubernetes-conjur-demo CI will depend upon this change in the
kubernetes-conjur-deploy scripts:
cyberark/kubernetes-conjur-deploy#158
Describe the solution you would like
The authentication policies in policy/templates/project-authn-def.template.yml should include
this annotation for OpenShift host definitions used for annotation-based authentication:
Describe alternatives you have considered
Additional context
Depends upon:
cyberark/kubernetes-conjur-deploy#158
The text was updated successfully, but these errors were encountered: