Cleanup needed after "Enable Neuvector federation for workload cluster"
The following discussion from !4467 (merged) should be addressed:
-
@cristian.manda started a discussion: (+5 comments) Just some nits:
- you set
units.neuvector-federation-generate-workload-config.depends_on.neuvector: truein values.yaml, but then you set it to false in workload-cluster-values.yaml. In this case this dependency is not needed. - in management-cluster.values.yaml for
units.neuvector-assign-fedadmin-roleyou are using the old way of providing the script to the job, but in workload-cluster.values.yaml forunits.neuvector-wkld-federation-nslookupyou are using the newkube-job-replace-script-patchnamed template. The latest should be used everywhere.
Since the MR is doing what it should, I would not want to block it further for this. We can track this comment in a new issue and do a follow-up MR to align these.
cc @tmmorin do you agree?
- you set