Micah Lee

File to rename: https://github.com/cyberark/conjur/blob/155c92259c64fd49fc86bf6f5c4e0e0fc1e7544d/lib/conjur/trusted_proxy_filter.rb Unit tests: https://github.com/cyberark/conjur/blob/155c92259c64fd49fc86bf6f5c4e0e0fc1e7544d/spec/lib/conjur/trusted_proxy_filter_spec.rb

Hi @subodh-shrivastava, thanks for the issue! One question to better understand what you're describing... The most common workflow is to use the [Kubernetes client sidecar or init container](https://github.com/cyberark/conjur-authn-k8s-client) to handle...

> Update the Conjur server to provide a configuration option for the DefaultClientCertPath for authn-k8s, with the default value if no config is specified set as /etc/conjur/ssl/client.pem - TBD what...

Great! So the summarize the discussion here for next steps: We currently impose a constraint on Kubernetes Authenticator Clients that requires the directory `/etc/conjur/ssl` to exist in the client container,...

> Is that an alternate path this effort could take, too? Yes, that is another available alternative. I will add that to my list above. That would at least be...

That sounds good to me!

> I believe that's how Conjur is run in the appliance. The appliance inherits the `production` environment, but extends it in an `appliance` environment, mostly to configure audit logging: https://github.com/cyberark/conjur/blob/master/config/environments/appliance.rb

Any new routes should not use existing paths, so I would be strongly against adding `/info` to OSS while it still exists as a standalone service in DAP. That opens...

> Maybe we can use `/version`? We could, but `/` already returns the version, just in an undesired format (HTML instead of JSON). Updating this endpoint to respect the `Accepts`...

Hey @mFelgate, this is looking good. Here's at least one additional change I know you'll need to pull from the original PR: https://github.com/cyberark/conjur/pull/2874/files#diff-24409379bdb75ad446bb4e2c18fd4cced1a263b99a3ff96fc3777d8fd8faeab9L68