Comments (2)
+1
from gke-policy-automation.
Update: I played around with Cloud Run jobs Terraform resource.
It works good but there is a dependency on a container image presence in Artifact Registry - job creation fails, when there is no image in Artifact Registry. That is the case during the Terraform run.
Option 1 : Use Artifact Registry remote repository
In this option, the new Artifact Regsitry remote repositories feature will be used. It will allow to avoid any manual tasks of moving tool's image to the Artifact Registry. The remote repo will proxy / cache the tool's repo from Github. The only problem is that, for now, remote repos support only docker hub as an upstream.
Option 2: Run scrip that moves image as Terraform local-exec resource
In this option, we run script that copies tool's image to Artifact Registry as a Terraform resource. Then we create CloudRun jobs. I'm not a big fan of running scripts from the Terraform however, but we will avoid script step.
I think that #option 1 is the future direction once Artifact Registry will be ready.
Im' just not sure if we should move script to Terraform or stay as it is for now.
from gke-policy-automation.
Related Issues (20)
- Autopilot clusters: policies for NAP and node pool service accounts fail
- Data Inputs: core
- Data inputs: Input aware policies
- Migrate GKE GCP API client to the new input structure
- Migrate Kubernetes API client to the new input structure
- Add simple REST input for demo purposes
- Migrate metrics GCP API to the new input structure
- Cannot process policies with version older than the current one HOT 1
- Policy node_pool_use_cos should not fail on windows node pools
- Introduce Autopilot compatibility checks HOT 2
- All policies skipped - no checks perfomed HOT 4
- Scalability: number of PODs in cluster HOT 1
- Scalability: number of containers in cluster HOT 1
- Scalability: nodes per node pool zone HOT 2
- Scalability: PODs per node HOT 1
- Scalability: number of nodes in a cluster
- Scalability: number of services in a cluster HOT 1
- Scalability: number of services per namespace
- Scalability: add actuals and limits to the policy model
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gke-policy-automation.