UNCLASSIFIED - NO CUI

Skip to content
Snippets Groups Projects
Commit bcbcc1ac authored by Micah Nagel's avatar Micah Nagel
Browse files

Merge branch 'update-twistlock-tag-0.7.0-bb.0' into 'master' 

Twistlock init script

Closes platform-one/big-bang/apps/security-tools/twistlock#35 and platform-one/big-bang/apps/security-tools/twistlock#36

See merge request platform-one/big-bang/bigbang!1727
parents bb8dbbde 60e697a4
No related branches found
No related tags found
1 merge request!1727Twistlock init script
Pipeline #834657 failed
Stage: .pre
Stage: 🔌 network up
Stage: ⚓ cluster up
Stage: 🌌 bigbang up
Stage: 🤞 test
Stage: 💣 bigbang down
Stage: 💣 cluster down
Stage: 💣 network down
Hide whitespace changes
Inline Side-by-side
chart/templates/twistlock/gitrepository.yaml
+ 1
0
View file @ bcbcc1ac
......@@ -14,5 +14,6 @@ spec:
ref:
{{- include "validRef" .Values.twistlock.git | nindent 4 }}
{{ include "gitIgnore" . }}
!/chart/scripts/*.sh
{{- include "gitCreds" . | nindent 2 }}
{{- end }}
chart/templates/twistlock/values.yaml
+ 4
6
View file @ bcbcc1ac
......@@ -4,15 +4,12 @@
{{- define "bigbang.defaults.twistlock" -}}
# hostname is deprecated and replaced with domain. But if hostname exists then use it.
{{- $domainName := default .Values.domain .Values.hostname }}
hostname: {{ $domainName }}
domain: {{ $domainName }}
domain: {{ default .Values.domain .Values.hostname }}
openshift: {{ .Values.openshift }}
prometheus:
servicemonitor:
enabled: {{ .Values.monitoring.enabled }}
monitoring:
enabled: {{ .Values.monitoring.enabled }}
imagePullSecrets:
- name: private-registry
......@@ -23,6 +20,7 @@ networkPolicies:
{{- $gateway := default "public" .Values.twistlock.ingress.gateway }}
{{- $default := dict "app" (dig "gateways" $gateway "ingressGateway" nil .Values.istio) "istio" nil }}
{{- toYaml (dig "values" "gateways" $gateway "selector" $default .Values.istio) | nindent 4 }}
controlPlaneCidr: {{ .Values.networkPolicies.controlPlaneCidr }}
nodeCidr: {{ .Values.networkPolicies.nodeCidr }}
istio:
......
chart/values.yaml
+ 1
1
View file @ bcbcc1ac
......@@ -639,7 +639,7 @@ twistlock:
git:
repo: https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/twistlock.git
path: "./chart"
tag: "0.6.0-bb.0"
tag: "0.7.0-bb.0"
# -- Flux reconciliation overrides specifically for the Twistlock Package
flux: {}
......
tests/test-values.yaml
+ 10
5
View file @ bcbcc1ac
......@@ -162,6 +162,7 @@ gatekeeper:
- monitoring/kube-prometheus-stack-cypress-test
- vault/vault-cypress-test
- logging/loki-cypress-test
- twistlock/twistlock-cypress-test
# Allow kyverno test vectors for Helm test
- default/restrict-host-path-mount-.?
- default/restrict-host-path-write-.?
......@@ -257,6 +258,7 @@ gatekeeper:
- monitoring/kube-prometheus-stack-cypress-test
- vault/vault-cypress-test
- logging/loki-cypress-test
- twistlock/twistlock-cypress-test
# Allow kyverno test vectors for Helm test
- default/restrict-host-path-mount-.?
- default/restrict-host-path-write-.?
......@@ -365,6 +367,7 @@ kyvernopolicies:
- monitoring
- vault
- logging
- twistlock
names:
- "*-cypress-test*"
parameters:
......@@ -385,6 +388,7 @@ kyvernopolicies:
- monitoring
- vault
- logging
- twistlock
names:
- "*-cypress-test*"
parameters:
......@@ -420,6 +424,7 @@ kyvernopolicies:
- monitoring
- vault
- logging
- twistlock
names:
- "*-cypress-test*"
update-image-pull-policy:
......@@ -496,17 +501,17 @@ loki:
strategy: scalable
values:
global:
createGlobalConfig: true
createGlobalConfig: true
existingSecretForConfig: "loki-config"
loki-simple-scalable:
write:
replicas: 1
persistence:
size: 2Gi
resources:
resources:
limits:
cpu: 200m
memory: 400Mi
memory: 400Mi
requests:
cpu: 200m
memory: 400Mi
......@@ -514,10 +519,10 @@ loki:
replicas: 1
persistence:
size: 2Gi
resources:
resources:
limits:
cpu: 200m
memory: 400Mi
memory: 400Mi
requests:
cpu: 200m
memory: 400Mi
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

UNCLASSIFIED - NO CUI