Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add NV policy chart and values configs #5

Open
wants to merge 10 commits into
base: hunter/fix/helm-duplicates
Choose a base branch
from
Open

add NV policy chart and values configs #5

wants to merge 10 commits into from

Conversation

hadams95
Copy link
Member

@hadams95 hadams95 commented Feb 7, 2024
edited by krumware

Adds neuvector security policies and config to gen3-helm

@hadams95 hadams95 requested a review from swaphb February 7, 2024 15:22
swaphb
swaphb approved these changes Feb 8, 2024
View reviewed changes
Copy link

@swaphb swaphb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

krumware
krumware requested changes Feb 8, 2024
View reviewed changes
Copy link
Member

@krumware krumware left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd like to also surface the new values to the helm/gen3 values so that they're more prominent.

from slack, it might also be helpful to go ahead and add the global variable and prepare for adding a conditional chart dependency

neuvector:
  enabled: false
  policies:
    ## on the fence about this variable name
    include: true
    defaultMode: Monitor
  nameOverride: ""
  fullnameOverride: ""
  # hostname/service name for our DB
  DB_HOST: development-gen3-postgresql
  # Prefix for relevant services deployed through Argo
  ARGOCD_PREFIX: development-gen3
  # Neuvector policy enforcement mode
  # dev: Monitor
  # prod: Protect
  ingress:
    # service name of your ingress controller
    controller: nginx-ingress-controller
    # installation namespace of your ingress controller
    namespace: nginx
    # classname of your ingress
    class: nginx

@hadams95
Copy link
Member Author

@krumware Pinging for re-review, should have knocked out your change requests

@krumware
Copy link
Member

Made a few changes to resolve linting and to add some references as inline docs.
I'd like to add a little bit more inline documentation about the DB_HOST variable, a little unclear to new folks what that's for. But I think it's good to go for now 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@krumware krumware krumware approved these changes

@swaphb swaphb swaphb approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@hadams95 @krumware @swaphb