bnfinet
commented
1 year ago @Protryon thanks for your interest in Vouch Proxy
Have you seen the Alpine based image? It contains an operating environment and is appropriate for additional tooling. The primary image is intended to be slim FROM SCRATCH.
If you're having problems with certificates being recognized please do open an issue.
Cheers
In my cluster, with a mean time to failure of 1-2 days, the vouch proxy gets the wrong TLS certificate from Keycloak, consistently, until restarted. I can't even try to copy in a bash executable because there is nothing but the golang bin!
kubectlrequirestarin thePATHto work at the very minimum.I get the desire to trim container size, but you got to at least have
sh,tar, and a package manager of some kind in my eyes.EDIT: Also bumped golang to 1.20 to fix a build failure. I love dependencies changing out from under you.