Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AppSec Deployment does not respect .Values.tls.enabled #217

Open
timtrense-leadec opened this issue Dec 17, 2024 · 5 comments
Open

AppSec Deployment does not respect .Values.tls.enabled #217

timtrense-leadec opened this issue Dec 17, 2024 · 5 comments
Assignees
@buixor @mmetc
Labels
kind/bug Something isn't working needs/triage Needs triage

Comments

@timtrense-leadec
Copy link

When setting tls.enabled: true, the lapi will provide an https endpoint at 8080.

If I see it correctly, the deployment of the appsec component does not respect that when constructing the target URL.

Instead, http:// is hardcoded. Also, no env vars for the CLIENT_CERT_FILE/CLIENT_KEY_FILE/CACERT_FILE get set.

Do I see that correctly that the appsec component currently does not support tls.enabled or am I missing something?

PS Besides, great work in providing a helm chart for CrowdSec! Really would like to use it, once I can get AppSec up.
@github-actions github-actions bot added the needs/triage Needs triage label Dec 17, 2024
@github-actions GitHub Actions
Copy link

@timtrense-leadec: Thanks for opening an issue, it is currently awaiting triage.

If you haven't already, please provide the following information:

  • kind : bug, enhancementor documentation
  • area : agent, appsec, configuration, cscli, local-api

In the meantime, you can:

  1. Check Crowdsec Documentation to see if your issue can be self resolved.
  2. You can also join our Discord.
  3. Check Releases to make sure your agent is on the latest version.
Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the forked project rr404/oss-governance-bot repository.

@github-actions github-actions bot added the needs/kind Kind label required label Dec 17, 2024
@github-actions GitHub Actions
Copy link

@timtrense-leadec: There are no 'kind' label on this issue. You need a 'kind' label to start the triage process.

  • /kind bug
  • /kind documentation
  • /kind enhancement
Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the forked project rr404/oss-governance-bot repository.

@timtrense-leadec
Copy link
Author

/kind bug
/area appsec

@github-actions github-actions bot added kind/bug Something isn't working and removed needs/kind Kind label required labels Dec 17, 2024
@he2ss he2ss assigned mmetc and unassigned buixor Dec 18, 2024
@he2ss
Copy link
Member

he2ss commented Dec 18, 2024

Hi @timtrense-leadec,

it's correct, I implemented the appsec in the helm chart without the tls for a first iteration.
It will be done asap.

@timtrense-leadec
Copy link
Author

Hey @he2ss, thank you for the quick response. I didn't mean to rush you: just good to have the confirmation to have read the code correctly.
Really looking forward to that!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@buixor buixor

@mmetc mmetc

Labels
kind/bug Something isn't working needs/triage Needs triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@buixor @he2ss @mmetc @timtrense-leadec