Implement Istio Authorization Policies
Summary
See this MR for an example implementation and this comment for testing notes.
Activity
added Big Bang Add-Ons anchore labels
added to epic big-bang&159 (closed)
added kindfeature priority5 teambigbang labels
changed iteration to Big Bang Iterations Oct 31, 2023 - Nov 13, 2023
changed iteration to Big Bang Iterations Nov 14, 2023 - Nov 27, 2023
changed iteration to Big Bang Iterations Nov 28, 2023 - Dec 11, 2023
removed iteration Big Bang Iterations Nov 28, 2023 - Dec 11, 2023
changed iteration to Big Bang Iterations Dec 12, 2023 - Dec 25, 2023
removed iteration Big Bang Iterations Dec 12, 2023 - Dec 25, 2023
added teamSecurity & Compliance label and removed teambigbang label
assigned to @enochofori777
changed iteration to Big Bang Iterations Jan 23, 2024 - Feb 5, 2024
changed iteration to Big Bang Iterations Feb 6, 2024 - Feb 19, 2024
removed iteration Big Bang Iterations Jan 23, 2024 - Feb 5, 2024
removed iteration Big Bang Iterations Feb 6, 2024 - Feb 19, 2024
unassigned @enochofori777
assigned to @enochofori777
added statusdoing label
mentioned in merge request !207 (merged)
removed statusdoing label
added statusreview label
mentioned in commit 1267aaeb
closed with merge request !207 (merged)
mentioned in merge request big-bang/bigbang!3892 (merged)
added statusdoing label and removed statusreview label
@chris.oconnell @ryan.j.garcia @massey.robert @enochofori777 Anchore fails to come up with hardening enabled
- create a cluster -- tested on local k3d / ec2 k3d / vanilla k8s cluster
- Enable anchore
- Enabled hardening per big-bang/bigbang!3892 (merged)
- install bigbang
anchore-feeds-xxx-xxx loops with error:
(Background on this error at: https://sqlalche.me/e/14/e3q8) [MainThread] 2024-03-26T17:01:14.758179 [MainThread] [anchore_enterprise_manager.util.db/connect_database()] [INFO] DB attempting to connect... [MainThread] 2024-03-26T17:01:14.764958 [MainThread] [anchore_enterprise_manager.util.db/connect_database()] [WARN] DB connection failed, retrying - exception: test connection failed - exception: (psycopg2.OperationalError) server closed the connection unexpectedly This probably means the server terminated abnormally before or while processing the request.Removing the anchore AuthorizationPolicy kinds allows everything to start up
I'm not sure how the feeds work or what that
sqlalche.meaccess site is. Might need a way to whitelist known,default feed sitesEdited by Michael Martinchanged iteration to Big Bang Iterations Apr 2, 2024 - Apr 15, 2024
mentioned in merge request !227 (merged)
added statusready-to-work label and removed statusdoing label
changed milestone to %2.25.0
added statusdoing label and removed statusready-to-work label
mentioned in commit 002e795a
closed with merge request !227 (merged)
mentioned in merge request big-bang/bigbang!4141 (closed)
mentioned in commit big-bang/bigbang@9ea29ce5
