General MR

Summary

Adds the option to apply the fips-enabled label to a BigBang merge request, which deploys BigBang with ./tests/fips-test-values.yaml as an additional override.

Introduces a new conditional variable to the clean install, aws/rke2/bigbang up, and aws/eks/bigbang up stages called CI_FIPS_VALUES_FILE.

Relevant logs/screenshots

Pipeline run where the CI_FIPS_VALUES_FILE is appended to CI_VALUES_FILE due to the fips-enabled label being present.

Pipeline run where the default CI_VALUES_FILE is used when the fips-enabled label is absent.

./tests/fips-test-values.yaml contains the following:

istio:
  values:
    enterprise: true

Linked Issue

issue

Upgrade Notices

n/a

Edited Apr 19, 2024 by Noah Birrer

Draft: Add option to test istio with fips enabled in bigbang pipeline

General MR

Summary

Relevant logs/screenshots

Linked Issue

Upgrade Notices

Merge request reports