Andrew Azores
Andrew Azores
Sorry for the drive-by comment without much knowledge of the particular context here. I'm only aware of this because a contributor to my project wants to add an OpenSearch container...
Another possibility instead of using an auth proxy and generated basic auth could be to use mutual TLS.
Another option is to leave off the TLS and authentication and rely simply on a [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/) to restrict allowed traffic to the reports Service to only requests originating from...
I don't think anyone has started on this, though @mwangggg is working on #814 which might have some slight overlap in areas, since once those other containers are split out...
> Creating a NetworkPolicy resource without a controller that implements it will have no effect. Sounds promising that it should be simple to add this as an enhancement, which will...
Some more thoughts about the Agent injection/integration. 1. We want our Operator to be able to supply the Agent JAR to the application - the user should be able but...
If we can do an equivalent to `kubectl cp` to copy the Agent JAR from the Operator into the application container, instead of mounting a ConfigMap, then this can even...
https://stackoverflow.com/questions/51686986/how-to-copy-file-to-container-with-kubernetes-client-go
https://sdk.operatorframework.io/docs/best-practices/managing-resources/#how-to-change-the-operatormanager-resources-values-when-under-olm-management