You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
ziti-edge-tunnel chart requires an enrolled identity, and it would simplify orchestration if a JWT could be supplied instead. Consider adding Helm life cycle hooks to handle enrollment and creating a Secret resource for the private key, at least. The schema of a JSON identity file allows for a file:// URI (or absolute path without URI scheme) for any of key, cert, or ca bundle. The key could be referenced at a mount point representing the K8s Secret, and the JSON file itself could live in a PVC. That way, the tunnel process would have the option to renew the certificate and rewrite the JSON file, which wouldn't contain any secrets.
ziti-edge-tunnel chart requires an enrolled identity, and it would simplify orchestration if a JWT could be supplied instead. Consider adding Helm life cycle hooks to handle enrollment and creating a Secret resource for the private key, at least. The schema of a JSON identity file allows for a
file://URI (or absolute path without URI scheme) for any of key, cert, or ca bundle. The key could be referenced at a mount point representing the K8s Secret, and the JSON file itself could live in a PVC. That way, the tunnel process would have the option to renew the certificate and rewrite the JSON file, which wouldn't contain any secrets.#130
The text was updated successfully, but these errors were encountered: