Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cover mTLS #556

Merged
merged 1 commit into from
Mar 11, 2025
Merged

Cover mTLS #556

merged 1 commit into from
Mar 11, 2025

Conversation

flavio
Copy link
Member

@flavio flavio commented Mar 6, 2025
edited
Loading

Each link below points to the new page from our live preview:

Fixes #540

Open questions for the reviewers:

  • Is it worth to have a "Security" folder under "reference" and "howto" like I did? Should we just move the single document I wrote one level up?
  • The reference doc: the name of the url and of the document mentions "mTLS", however this is much more, because we also have the optional network policies. Should we do a rename?

@flavio flavio requested a review from a team as a code owner March 6, 2025 13:24
@netlify Netlify
Copy link

netlify bot commented Mar 6, 2025
edited
Loading

Deploy Preview for docs-kubewarden-io ready!

Name Link
🔨 Latest commit 0a8bcfb
🔍 Latest deploy log https://app.netlify.com/sites/docs-kubewarden-io/deploys/67d01399a8faca00087bd7d0
😎 Deploy Preview https://deploy-preview-556--docs-kubewarden-io.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@flavio flavio self-assigned this Mar 6, 2025
viccuad
viccuad reviewed Mar 7, 2025
View reviewed changes
Copy link
Member

@viccuad viccuad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. I think the security section is a good idea, but I would also move "how-tos/secure supply chain" there, and on the references, "references/threat model".

They would need to get one of those link preserving configs, too.

@jvanz
Copy link
Member

jvanz commented Mar 7, 2025

LGTM. I think the security section is a good idea, but I would also move "how-tos/secure supply chain" there, and on the references, "references/threat model".

+1

@flavio
Copy link
Member Author

flavio commented Mar 7, 2025

I'm fine moving more docs under the "security" folder, however I want to hear @jhkrug's opinion on the matter.
Moreover, if we were to do that, I would use a dedicated PR for that.

@jhkrug
Copy link
Contributor

jhkrug commented Mar 7, 2025

I'm fine moving more docs under the "security" folder, however I want to hear @jhkrug's opinion on the matter. Moreover, if we were to do that, I would use a dedicated PR for that.

It makes sense to me.

jhkrug
jhkrug requested changes Mar 7, 2025
View reviewed changes
Copy link
Contributor

@jhkrug jhkrug left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor suggestions and an occasional typo. Thanks.

@flavio
Copy link
Member Author

flavio commented Mar 10, 2025

I've update the howto to make use of the new labels, see eaf1347

Once everybody is fine with the changes I'll squash everything into a single commit

jhkrug
jhkrug approved these changes Mar 11, 2025
View reviewed changes
Copy link
Contributor

@jhkrug jhkrug left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

viccuad
viccuad approved these changes Mar 11, 2025
View reviewed changes
Copy link
Member

@viccuad viccuad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@flavio
doc(mtls): security hardening of the webhooks
0a8bcfb 
Explain how to secure the webhooks provided by Kubewarden by using mTLS
and Kubernetes Network policies.

Moreover, update the ArgoCD documentation to include the extra
operations to perform when mTLS is enabled.

Signed-off-by: Flavio Castelli <[email protected]>
@flavio flavio merged commit 632ca0a into main Mar 11, 2025
2 checks passed
@flavio flavio deleted the mtls branch March 11, 2025 10:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jvanz jvanz jvanz left review comments

@fabriziosestito fabriziosestito fabriziosestito approved these changes

@viccuad viccuad viccuad approved these changes

@jhkrug jhkrug jhkrug approved these changes

Assignees

@flavio flavio

Labels
None yet
Projects
Kubewarden
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Document mTLS support
5 participants
@flavio @jvanz @jhkrug @fabriziosestito @viccuad