From be0d3fc914ee8d2db865a2d857b2fbca56642e5c Mon Sep 17 00:00:00 2001 From: Daniel Barnes Date: Tue, 4 Feb 2025 04:41:41 +0900 Subject: [PATCH 1/2] feat: Add cloud armor sec pol to app --- charts/operator-wandb/charts/app/templates/service.yaml | 6 ++++-- charts/operator-wandb/values.yaml | 6 +++--- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/charts/operator-wandb/charts/app/templates/service.yaml b/charts/operator-wandb/charts/app/templates/service.yaml index 26516e1a..b9a24a3c 100644 --- a/charts/operator-wandb/charts/app/templates/service.yaml +++ b/charts/operator-wandb/charts/app/templates/service.yaml @@ -1,4 +1,3 @@ -{{- if .Values.global.createGCPLoadBalancerBackend }} {{- if eq .Values.global.cloudProvider "gcp" }} --- apiVersion: cloud.google.com/v1 @@ -8,9 +7,12 @@ metadata: labels: {{- include "wandb.commonLabels" . | nindent 4 }} spec: + {{- if .Values.global.gcpSecurityPolicy }} + securityPolicy: + name: {{ .Values.global.gcpSecurityPolicy }} + {{- end }} timeoutSec: 120 {{- end }} -{{- end }} --- apiVersion: v1 kind: Service diff --git a/charts/operator-wandb/values.yaml b/charts/operator-wandb/values.yaml index 1ab128c4..310a1622 100644 --- a/charts/operator-wandb/values.yaml +++ b/charts/operator-wandb/values.yaml @@ -194,9 +194,9 @@ global: debug: false dryRun: true - # Creates a backend config to set custom values to used by the gke load balancer - # https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-configuration#create_backendconfig - createGCPLoadBalancerBackend: false + # GCP only value: a CloudArmor policy to be attached to the gce LoadBalancer via a BackendConfig. + # https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-configuration#cloud_armor + gcpSecurityPolicy: "" ingress: install: true From 6ef97532b40ed9891897d2900d72fc16f987ccc0 Mon Sep 17 00:00:00 2001 From: Daniel Barnes Date: Tue, 4 Feb 2025 04:43:05 +0900 Subject: [PATCH 2/2] add to console --- charts/operator-wandb/charts/console/templates/service.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/operator-wandb/charts/console/templates/service.yaml b/charts/operator-wandb/charts/console/templates/service.yaml index a69578ed..b765ac3b 100644 --- a/charts/operator-wandb/charts/console/templates/service.yaml +++ b/charts/operator-wandb/charts/console/templates/service.yaml @@ -1,4 +1,3 @@ -{{- if .Values.global.createGCPLoadBalancerBackend }} {{- if eq .Values.global.cloudProvider "gcp" }} --- apiVersion: cloud.google.com/v1 @@ -8,9 +7,12 @@ metadata: labels: {{- include "wandb.commonLabels" . | nindent 4 }} spec: + {{- if .Values.global.gcpSecurityPolicy }} + securityPolicy: + name: {{ .Values.global.gcpSecurityPolicy }} + {{- end }} timeoutSec: 120 {{- end }} -{{- end }} --- {{- if .Values.enabled }} apiVersion: v1