Add polexes for vsphere cloud provider app (it contains 4 sub-charts) #292
Conversation
Signed-off-by: Jirka Kremser <[email protected]>
| @@ -61,6 +61,9 @@ policyExceptions: | |||
| # Deploy a PolicyException for chart-operator (required for Giant Swarm clusters). | |||
| enableChartOperatorPolex: true | |||
|
|
|||
| # Deploy PolicyExceptions for vsphere provider - cpi, kubevip, etc. (required for Giant Swarm clusters). | |||
| enableVsphereProviderPolex: false | |||
There was a problem hiding this comment.
I guess this would be enabled on MCs through config -- is there a way to enable it also for CAPV workload clusters?
There was a problem hiding this comment.
I think that would be an option in default apps, I am actually working on adding Kyverno to WCs for vsphere - https://github.com/giantswarm/default-apps-vsphere/pull/140/files#diff-0708195cf15ea7b702d1af55719e20899a250b27e9dca539819647317b672144R34-R41 And I've just found your comment on the issue about security bundle repo :)
There was a problem hiding this comment.
btw. it's set to false because other provider don't care about vsphere related things, but we can make it true your call, true would be actually much easier for multi-provider environments (like wepa)
There was a problem hiding this comment.
My question was because I don't know enough about our current CAPI config setup to know what's involved in enabling it in WCs if it isn't done here.
Obviously I'd prefer not to deploy exceptions which aren't needed, so if it's possible to enable the exception through some provider-specific means, that's nicer IMO (so leaving this false).
|
Is this still needed? Can we update/merge/close this? |
|
@giantswarm/team-rocket , I will close this one too. If you ever need this feel free to open it again. |
moved from this original pr: giantswarm/cloud-provider-vsphere-app#59 that was also creating the required CRD
Checklist
values.yamlandvalues.schema.jsonare valid.