Comments (6)
Would be fine having it configurable, while having the CRD be the new default :)
from security-profiles-operator.
@cmurphy @saschagrunert @hasheddan any suggestions on other options or favourite options? I personally would be leaning towards the first one.
from security-profiles-operator.
It might be easier to just use different paths. The path for a profile created as a ConfigMap versus a CRD are already naturally different, since both the name of the ConfigMap and an explicit name for the file are used to construct the path, e.g. /var/lib/seccomp-operator/<namespace>/<configmap name>/<file name>
, but there is no equivalent explicit file name for the CRD (unless we want to add it), so it would be more straightforward to write them to something like /var/lib/seccomp-operator/<namespace>/custom-profiles/<resource name>.json
. Then there would only be a collision if a ConfigMap happened to use "custom-profiles" as its name. But I can see arguments for option 1 as well.
from security-profiles-operator.
@cmurphy My main concern would be the edge case you already called out, which makes me feel like option 2 may become a footgun as it gives users some room for misinterpretation.
from security-profiles-operator.
After some talk on this subject we come to the conclusion that we were better-off removing ConfigMap
support.
This change will make it easier for users to use the operator and remove unnecessary ambiguity.
Closing this issue given that its goal was to define the behaviour, which no longer is needed.
/close
from security-profiles-operator.
@pjbgf: Closing this issue.
In response to this:
After some talk on this subject we come to the conclusion that we were better-off removing
ConfigMap
support.This change will make it easier for users to use the operator and remove unnecessary ambiguity.
Closing this issue given that its goal was to define the behaviour, which no longer is needed./close
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
from security-profiles-operator.
Related Issues (20)
- Support for --http2-disable flag in metrics pod HOT 6
- Running e2e tests on OpenShift hang HOT 1
- AKS spod STATE : UPDATING HOT 12
- Release v0.8.1
- getting owner profile: the node status owner is of an unknown kind HOT 3
- Manage SELinux booleans HOT 10
- tolerations not honoured HOT 4
- AKS eBPF recording HOT 15
- Can not re-install SPO HOT 1
- ignore istio init container while eBPF profiling HOT 8
- AppArmor does not work HOT 15
- Release v0.8.2 HOT 1
- [Question] Disable webhook deployment HOT 4
- Seeing Policy Violations HOT 6
- Security Profiles Operator should support dynamic infrastructures HOT 4
- Release v0.8.3 HOT 1
- deletion of a `SelinuxProfile` object hangs forever HOT 6
- Proposal: Allow `spoc` to simultaneously record different profile types. HOT 2
- Release v0.8.4 HOT 2
- OLM tests are flaking HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from security-profiles-operator.