Add TLS support to configure-sso job
General MR
Summary
Ensure that the configure-sso job has TLS secrets injected correctly
Relevant logs/screenshots
-
Tested fix with self-signed approach. SSO configuration appears to work and job exits successfully
How to test this locally
- Deploy Anchore (see development maintenance docs for how to do this)
- Provide enterprise license and enable SSO and UI.
- Deploy Anchore with internal TLS required
- This will require you to create a secret with the necessary certs, likely self-signed
- I wasn't able to get Anchore's Enterprise UI to start without telling the
node
process in the frontend to explicitly not verify TLS certs. Done by settingNODE_TLS_REJECT_UNAUTHORIZED=0
as an env var on the UI container
- Depending on how you create your self-signed certs curl may verify if the SN matches
dev.bigbang.mil
- May need to set
.Values.anchoreConfig.internalServicesSSL.verifyCerts
tofalse
to pass--insecure
flags to curl and other services to prevent them from verifying the certs.
Linked Issue
Upgrade Notices
No notice required
Edited by Dax McDonald