Skip to content

Commit 4b8e9d6

Browse files
authored
fix(trace-shield): set all ingress hostnames (#628)
* fix(trace-shield): template ingress correctly Signed-off-by: David van der Spek <[email protected]> * fix creating tenant Signed-off-by: David van der Spek <[email protected]> * fix setting tenant header for granafa-agent Signed-off-by: David van der Spek <[email protected]> * fix(trace-shield): solve controller nil pointer Signed-off-by: David van der Spek <[email protected]> * fix trivy scanning Signed-off-by: David van der Spek <[email protected]> * fix(trace-shield): fix error when creating oauth client Signed-off-by: David van der Spek <[email protected]> --------- Signed-off-by: David van der Spek <[email protected]>
1 parent a416b7b commit 4b8e9d6

File tree

7 files changed

+64
-10
lines changed

7 files changed

+64
-10
lines changed

.github/workflows/matrix-trivy-scan.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -86,7 +86,7 @@ jobs:
8686
scan-ref: ${{ matrix.repository }}
8787
format: 'sarif'
8888
output: 'trivy-results.sarif'
89-
security-checks: 'vuln,secret,config'
89+
scanners: 'vuln,secret,config'
9090
ignore-unfixed: true
9191
#severity: 'CRITICAL,HIGH'
9292
- name: Upload Trivy scan results to GitHub Security tab

.github/workflows/matrix-vendor-and-publish.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -196,7 +196,7 @@ jobs:
196196
scan-ref: ${{ matrix.repository }}
197197
format: 'sarif'
198198
output: 'trivy-results.sarif'
199-
security-checks: 'vuln,secret,config'
199+
scanners: 'vuln,secret,config'
200200
ignore-unfixed: true
201201
#severity: 'CRITICAL,HIGH'
202202

grafana-agent/helm/grafana-agent/Chart.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@ apiVersion: v2
22
name: grafana-agent
33
description: helm chart for grafana-agent
44
type: application
5-
version: 0.1.1
5+
version: 0.1.2
66
appVersion: v0.32.1
77
dependencies:
88
- name: grafana-agent
Lines changed: 11 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,16 @@
11
agent:
22
clusterName: {{ .Cluster }}
3-
logs:
4-
agent:
5-
lokiTenantId: {{ .Cluster }}
3+
metricsInstance:
4+
remoteWrite:
5+
mimir:
6+
headers:
7+
X-Scope-OrgID: {{ .Cluster }}
8+
logInstance:
9+
clients:
10+
loki:
11+
tenantId: {{ .Cluster }}
12+
externalLabels:
13+
cluster: {{ .Cluster }}
614
traces:
715
agent:
816
lokiTenantId: {{ .Cluster }}

trace-shield/helm/trace-shield/Chart.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@ apiVersion: v2
22
name: trace-shield
33
description: helm chart for trace-shield
44
type: application
5-
version: 0.1.3
5+
version: 0.1.6
66
appVersion: "v0.1.1"
77
dependencies:
88
- name: kratos

trace-shield/helm/trace-shield/values.yaml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ backend:
55
repository: ghcr.io/pluralsh/trace-shield/backend
66
pullPolicy: IfNotPresent
77
# Overrides the image tag whose default is the chart appVersion.
8-
tag: 0.1.1
8+
tag: 0.1.2
99

1010
imagePullSecrets: []
1111
nameOverride: ""
@@ -69,7 +69,7 @@ frontend:
6969
repository: ghcr.io/pluralsh/trace-shield/frontend
7070
pullPolicy: IfNotPresent
7171
# Overrides the image tag whose default is the chart appVersion.
72-
tag: 0.1.1
72+
tag: 0.1.2
7373

7474
imagePullSecrets: []
7575
nameOverride: ""
@@ -133,7 +133,7 @@ controller:
133133
repository: ghcr.io/pluralsh/trace-shield-controller
134134
pullPolicy: IfNotPresent
135135
# Overrides the image tag whose default is the chart appVersion.
136-
tag: sha-f84361c
136+
tag: sha-d33bdaa
137137

138138
imagePullSecrets: []
139139
nameOverride: ""

trace-shield/helm/trace-shield/values.yaml.tpl

Lines changed: 46 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,7 @@ postgresKratos:
1313
config:
1414
hostname: {{ .Values.frontendHostname }}
1515
tenant:
16+
create: true
1617
name: {{ .Cluster }}
1718
{{- if and .Configuration.mimir .Configuration.mimir.hostname }}
1819
mimir:
@@ -30,6 +31,26 @@ config:
3031
publicURL: {{ .Configuration.tempo.hostname }}
3132
{{- end }}
3233

34+
ingress:
35+
hosts:
36+
- host: {{ .Values.frontendHostname }}
37+
backendPaths:
38+
- path: /graphql
39+
pathType: Prefix
40+
- path: /graphiql
41+
pathType: Prefix
42+
- path: /tenant-hydrator
43+
pathType: Prefix
44+
- path: /user-webhook
45+
pathType: Prefix
46+
frontendPaths:
47+
- path: /real-frontend/.*
48+
pathType: Prefix
49+
tls:
50+
- secretName: trace-shield-tls
51+
hosts:
52+
- {{ .Values.frontendHostname }}
53+
3354
kratos:
3455
kratos:
3556
config:
@@ -61,6 +82,18 @@ kratos:
6182
ui_url: https://{{ .Values.frontendHostname }}/login
6283
registration:
6384
ui_url: https://{{ .Values.frontendHostname }}/registration
85+
ingress:
86+
public:
87+
enabled: true
88+
hosts:
89+
- host: {{ .Values.frontendHostname }}
90+
paths:
91+
- path: /.ory/kratos/public/(.*)
92+
pathType: Prefix
93+
tls:
94+
- secretName: trace-shield-tls
95+
hosts:
96+
- {{ .Values.frontendHostname }}
6497

6598
hydraSecrets:
6699
dsn: postgres://hydra:{{ $hydraPostgresPass }}@plural-postgres-hydra:5432/hydra
@@ -91,3 +124,16 @@ keto:
91124
keto:
92125
config:
93126
dsn: postgres://keto:{{ $ketoPostgresPass }}@plural-postgres-keto:5432/keto
127+
128+
kratos-selfservice-ui-node:
129+
kratosBrowserUrl: https://{{ .Values.frontendHostname }}/.ory/kratos/public/
130+
ingress:
131+
hosts:
132+
- host: {{ .Values.frontendHostname }}
133+
paths:
134+
- path: /.*
135+
pathType: Prefix
136+
tls:
137+
- secretName: trace-shield-tls
138+
hosts:
139+
- {{ .Values.frontendHostname }}

0 commit comments

Comments
 (0)