vas777
commented
1 month ago -
cas statefullset security context runAsUser: ??? -- or do we need set user id in Dockerfile ? -- securitycontext: https://github.com/scontain/sconeapps/blob/scone.cloud/charts/cas/templates/statefulset.yaml#L43
-
cas statefullset labels: https://github.com/scontain/sconeapps/blob/scone.cloud/charts/cas/templates/_helpers.tpl#L69
-
cas statefullset json: ???
-
sgx pluging labels : https://github.com/scontain/sconeapps/blob/scone.cloud/charts/sgxdevplugin/templates/_helpers.tpl#L50
-
operator controller : https://github.com/scontain/k8soperators/blob/main/config/manager/manager.yaml#L15
-
provision-job runAsUser 1000: ( not fixed yet ) -- provision-cas https://github.com/scontain/ceremony-deployment-vector-based/blob/change-hsm-pwds/cas-functions.sh#L3939 -- provision-cas https://github.com/scontain/ceremony-deployment-vector-based/blob/change-hsm-pwds/cas-functions.sh#L3993 -- attest-primary-cas https://github.com/scontain/ceremony-deployment-vector-based/blob/change-hsm-pwds/cas-functions.sh#L4045
RC.1:
un provisioned cas : kubectl patch statefulset/${CAS} -n ${CAS_NAMESPACE} -p '{"spec":{"template":{"metadata":{"labels":{"app":"cas"}}}}}'
Maybe optional - since we fixed this:
kubectl patch daemonset sgxplugin -n ${TARGET_NAMESPACE} -p '{"spec":{"template":{"metadata":{"labels":{"app":"sgxplugin"}}}}}'
Operator-controller.sh
operator_controller.sh : kubectl patch deployment scone-controller-manager -n $NAMESPACE -p '{"spec":{"template":{"metadata":{"labels":{"app":"scone-controller-manager"}}}}}' hat Kontextmenü
[11:20] ANDRÉ Michaël (ASP/MST)