Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support SPIFFE mTLS in GKS, add blobstore driver for spanner/GCS, etc. #193

Closed
wants to merge 35 commits into from

Conversation

srago
Copy link

@srago srago commented Mar 8, 2024

  • Added SPIFFE mTLS using GKS workload identity, and handle certificate rotation
    • A custom SPIFFE bundle source removes the need for federation as all certs are signed by a trusted GCP authority
  • New blobstore driver using spanner and GCS
  • New tri-mirror blobstore driver using consensus to allow continued operation if a single mirror is down (still needs GetFromComposite support)
  • Action cache partition enforcement to
    • allow dev workflows to read production action cache entries
    • prevent dev workflows from writing to production action cache
  • Disk space monitoring

@EdSchouten
Copy link
Member

Hey Steve,

Thanks for taking the time to create this PR. Unfortunately, this PR is far too big for me to review and land at once. What doesn't help is that the second half of this PR contains changes on top of changes.

Could you please create PRs for individual pieces of work? Also consider using git rebase -i to reorganise and squash certain commits together. Thanks.

@srago
Copy link
Author

srago commented Mar 9, 2024 via email

@EdSchouten EdSchouten closed this Sep 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants