First attempt to the ACS onboarding#100
Draft
p-rog wants to merge 10 commits intovalidatedpatterns:mainfrom
Draft
First attempt to the ACS onboarding#100p-rog wants to merge 10 commits intovalidatedpatterns:mainfrom
p-rog wants to merge 10 commits intovalidatedpatterns:mainfrom
Conversation
Author
|
I have to fix the ACS init secret issue:
|
- Fix indentation in values-hub.yaml (stackrox namespace) - Comment out acs-init-bundle secret (not needed for same-cluster deployment) - RHACS operator auto-generates auth for co-located Central + SecuredCluster Fixes vault namespace deployment issue. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Author
|
The secret issue is fixed. |
…ndle and integration
This commit resolves two critical issues preventing ACS Central and SecuredCluster Custom Resources from being deployed: 1. Uncommented extraValueFiles for acs-central and acs-secured-cluster applications in values-hub.yaml. This enables helm charts to receive global configuration values (localClusterDomain, secretStore, etc.) required for proper template rendering. 2. Added ExternalSecret template for central-htpasswd admin password. This syncs the admin password from Vault (hub/infra/acs) to the Kubernetes secret expected by the Central CR. With these fixes, ArgoCD will successfully render and deploy: - Central CR (Wave 10) with PostgreSQL DB and Scanner components - Init bundle job (Wave 12) to generate TLS secrets - OAuth integration job (Wave 13) for OpenShift authentication - SecuredCluster CR (Wave 15) with Sensor, Collector, and Admission Controller Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
… the central-cr.yaml and secured-cluster-cr.yaml, removing the perNode duplication, adding explicit scannerV4 configuration to central-cr.yaml
The cluster only has ACM release-2.15 channel available. Changed from release-2.14 to release-2.15 to fix subscription failure. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Red Hat Advanced Cluster Security (RHACS/StackRox) consists of two main deployment types:
Central Services (Hub Cluster)
Central:
Scanner:
Secured Cluster Services (Per Cluster)
Sensor:
Admission Controller:
Collector: