WIP: Use mutual SSL for Helm Tiller
What does this MR do?
As part of our move to support RBAC it will become increasingly important to lock down the permissions of Helm Tiller. As such we will use mutual SSL auth between Helm client and Tiller server with the keys only available to GitLab so users cannot authenticate to Tiller at all.
Are there points in the code the reviewer needs to double check?
-
Security, encrypting data in the database, passing data to Helm
Why was this MR needed?
Screenshots (if relevant)
Does this MR meet the acceptance criteria?
-
Changelog entry added, if necessary -
Documentation created/updated - [-] API support added
-
Tests added for this feature/bug - Conform by the code review guidelines
- [-] Has been reviewed by a UX Designer
- [-] Has been reviewed by a Frontend maintainer
-
Has been reviewed by a Backend maintainer -
Has been reviewed by a Database specialist
-
Conform by the merge request performance guides -
Conform by the style guides -
If you have multiple commits, please combine them into a few logically organized commits by squashing them -
Internationalization required/considered -
End-to-end tests pass ( package-and-qa
manual pipeline job)
What are the relevant issue numbers?
Edited by 🤖 GitLab Bot 🤖