Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Migrate to k8s version 1.25 #646

Closed
5 tasks done
commjoen opened this issue Feb 25, 2023 · 0 comments · Fixed by #652
Closed
5 tasks done

Migrate to k8s version 1.25 #646

commjoen opened this issue Feb 25, 2023 · 0 comments · Fixed by #652
Assignees
@commjoen @bendehaan

Comments

@commjoen
Copy link
Collaborator

commjoen commented Feb 25, 2023
edited
Loading

Complete migration to K8s 1.25: Configure PSA and PSS and securitycontexts for all pods in
@commjoen commjoen self-assigned this Feb 25, 2023
This was referenced Feb 25, 2023
Closed
Closed
Merged
commjoen added a commit that referenced this issue Mar 4, 2023
@commjoen
Feat(#646): updated centralized vault upgrade script, migrated GCP to…
28d4470 
… k8s 1.25
commjoen added a commit that referenced this issue Mar 4, 2023
@commjoen
Feat(#646): updated gcp docs
c4b8bfa
commjoen added a commit that referenced this issue Mar 4, 2023
@commjoen
feat(#646): Started Azure migration (Found out we have to migrate to …
d7976cc 
…azure identities, wIP
@commjoen commjoen mentioned this issue Mar 5, 2023
Open
commjoen added a commit that referenced this issue Mar 6, 2023
@commjoen
feat(#646): Got Kubernetes 1.25 working in Azure using audit with aad…
43e3273 
…-pod-identity
puneeth072003 added a commit to puneeth072003/wrongsecrets that referenced this issue Mar 7, 2023
@puneeth072003 @commjoen
@dependabot @bendehaan
updation (#4)
332dca5 
* Feat: initial start with k8s 1.25 migration

* bump to k8s 1.25.6 in workflows

* Feat(646): Adding PSA to k8s def files

* feat(646): Update required config for minikube configration part 2

* feat(1.25): updated namespaced creation of vault as vault needs different security context config than our main workload

* feat(1.25): updated vault liveiness checks as we have to test after every step again

* feat(646): adding service account, BUT CONFIG OF APP NEEDS TO BE UPDATED TO CONTACT VAULT IN THE RIGHT NS

* feat(646): First working setup for k8s minikube vault done, now preparing aws, azure, and okteto (to be finished & tested)

* feat(646): complete okteto setup: we cannot do anything with workspace patching, tehrefore limitting securitycontext only

* Feat(636): fix docs

* feat(646): make http the same for all providers

* feat(646): make precommit happy :(

* fix(646): fix readmes again....

* build(deps): update hashicorp/google-beta requirement from ~> 4.54.0 to ~> 4.55.0

Updates the requirements on [hashicorp/google-beta](https://github.com/hashicorp/terraform-provider-google-beta) to permit the latest version.
- [Release notes](https://github.com/hashicorp/terraform-provider-google-beta/releases)
- [Changelog](https://github.com/hashicorp/terraform-provider-google-beta/blob/main/CHANGELOG.md)
- [Commits](hashicorp/terraform-provider-google-beta@v4.54.0...v4.55.0)

---
updated-dependencies:
- dependency-name: hashicorp/google-beta
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

* build(deps): update hashicorp/google requirement from ~> 4.54.0 to ~> 4.55.0

Updates the requirements on [hashicorp/google](https://github.com/hashicorp/terraform-provider-google) to permit the latest version.
- [Release notes](https://github.com/hashicorp/terraform-provider-google/releases)
- [Changelog](https://github.com/hashicorp/terraform-provider-google/blob/main/CHANGELOG.md)
- [Commits](hashicorp/terraform-provider-google@v4.54.0...v4.55.0)

---
updated-dependencies:
- dependency-name: hashicorp/google
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

* Adding the Table of contents

* doc(x): added @puneeth072003 as contriubtor

* Adding the requeseted changes

* Making corrections

* Fixed spelling

* Update README.md

* Feat(OWASP#646): updated centralized vault upgrade script, migrated GCP to k8s 1.25

* Feat(OWASP#646): updated gcp docs

* feat(OWASP#646): Started Azure migration (Found out we have to migrate to azure identities, wIP

* feat(OWASP#646): Got Kubernetes 1.25 working in Azure using audit with aad-pod-identity

* fix: add terraform lockfiles

* fix: fix AWS setup for k8s 1.25

* Update README.md

* build(deps): bump erzz/codeclimate-standalone from 0.0.4 to 0.0.5

Bumps [erzz/codeclimate-standalone](https://github.com/erzz/codeclimate-standalone) from 0.0.4 to 0.0.5.
- [Release notes](https://github.com/erzz/codeclimate-standalone/releases)
- [Changelog](https://github.com/erzz/codeclimate-standalone/blob/main/CHANGELOG.md)
- [Commits](erzz/codeclimate-standalone@v0.0.4...v0.0.5)

---
updated-dependencies:
- dependency-name: erzz/codeclimate-standalone
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Update codeclimate_standalone.yml

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: Jeroen Willemsen <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ben de Haan <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@commjoen commjoen

@bendehaan bendehaan

Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@commjoen @bendehaan