Holger Dormann
Holger Dormann
The problem is located in `hack/webhook-patch-ca-bundle.sh`: ```console secret_name=$(kubectl get sa default -o jsonpath='{.secrets[0].name}') export CA_BUNDLE=$(kubectl get secret/$secret_name -o jsonpath='{.data.ca\.crt}' | tr -d '\n') ``` This code assumes that the CA...
For inserting the config data into the workload's runtimeConfig, a template engine could be used. For Rust there is a list of available [template engines](https://crates.io/categories/template-engine). Some criteria for selecting a...
Somehow we need to handle long lines, i.e. lines that are longer than the terminal width. I see two options: 1. Truncate the line 2. Break the line but keep...
The project https://github.com/eclipse/kuksa.val also uses gRPC between client and databroker via TLS so maybe we can check that before.
I think we need confidentiality at least for the CLI connecting to the Ankaios server as the CLI might be remote.
Besides using mTLS we could also use TLS + JWT (TLS for encryption + JWT for authentication and authorization). This seems to be simpler plus more flexible.
If this issue is implemented, secure communication shall be on by default. If insecure communication shall be used (e.g. during development or evaluation of Ankaios), a parameter like `--insecure` needs...
For getting in contact there is also the Ankaios Slack workspace: https://eclipse-ankaios.github.io/ankaios/latest/support/.
I have reviewed the proposal for access rights and it looks good to me. Maybe you can add a few examples how it would look in the Ankaios manifest in...
I think first we need to analyze the disk usage of the dev container to find out the biggest chunks. `ncdu` is very suited for that. ```shell ncdu -x /...