DoD-Platform-One / bigbang

BigBang the product
https://repo1.dso.mil/big-bang/bigbang
Apache License 2.0
168 stars 68 forks source link

Kyverno policy does not allow for HA Vault Configuration #31

Closed p1-repo-sync-bot[bot] closed 9 months ago

p1-repo-sync-bot[bot] commented 9 months ago

Bug

Description

During a K8s upgrade, we discovered that our vault-vault-1 and vault-vault-2 pods were in a crashloopbackoff due to not being able to find the mounted SA token. I believe the issue stems from the kvyerno policy update-automountserviceaccounttokens. In the bb chart, i believe the issue is from this line. It should be vault-vault-* instead of just for vault-vault-1

BigBang Version

2.18.0

p1-repo-sync-bot[bot] commented 9 months ago

Issue 'Kyverno policy does not allow for HA Vault Configuration' closed from GitLab side