Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Directory tenants #28

Merged
merged 4 commits into from
Nov 12, 2024
Merged

Directory tenants #28

merged 4 commits into from
Nov 12, 2024

Conversation

ronenh
Copy link
Contributor

@ronenh ronenh commented Nov 12, 2024

This PR adds configuration options for tenant API keys in the directory chart.

Tenants can be defined in values.yaml using:

tenants:
  - name: staging
    id: 3dbaa470-9c7e-11ef-bf36-00fcb2a75cb1
    keysSecret:
      name: staging-keys
      writerKey: writerKey
      readerKey: readerKey
  - name: prod
    id: 8b6152d2-9d19-11ef-98b6-00a83bc65178
    keys:
      writer: fb634e791176409a8c5dd6776435fb0b
      reader: 39fa2ac0eb0f45fdb9234bb69436940f

The keys for the first tenant (staging) are read from the specified k8s secret.
The keys for the second are provided inline.

This PR also sets checksum annotations the trigger pod restarts when configuration changes.

@ronenh ronenh requested a review from gertd November 12, 2024 21:51
gertd
gertd reviewed Nov 12, 2024
View reviewed changes
charts/aserto-lib/templates/_config.tpl Outdated
@@ -31,5 +31,5 @@ Root directory tenant ID
*/}}
{{- define "aserto-lib.rootDirectoryTenantID" -}}
{{- (include "aserto-lib.rootDirectoryCfg" . | fromYaml).tenantID |
required ".Values.rootDirectory.tenantID or .Values.global.aserto.rootDirectory.tenantID must be set" -}}
default "06e1fdac-0676-11ef-b77e-0005a79d9368" -}}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does that need to be hardwired? If it does, would it make sense to use a more recognizable tenant-id like: 00000000-0000-11ef-0000-000000000000

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like that! I just generated a random ID but this is better.

gertd
gertd approved these changes Nov 12, 2024
View reviewed changes
Copy link
Member

@gertd gertd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See suggestion RE hardwired tenant-id

@ronenh ronenh merged commit 961db2a into main Nov 12, 2024
1 check passed
@ronenh ronenh deleted the directory-tenants branch November 12, 2024 22:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gertd gertd gertd approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ronenh @gertd