Open
Conversation
mozcloud/application/values.yaml
Outdated
Comment on lines
+1301
to
+1309
| # | ||
| # # Cloud Armor security policy to attach to the load balancer backend. | ||
| # # This should match the name of an existing Cloud Armor policy in GCP. | ||
| # # | ||
| # # NOTE: This option exists only to support migration of existing | ||
| # # applications that already use Cloud Armor. New applications should | ||
| # # NOT use this — use Fastly for WAF instead. | ||
| # #securityPolicy: my-app-policy | ||
| # |
Contributor
There was a problem hiding this comment.
Super tiny nit: can you place this in alphabetical order before timeoutSec? Also, can you update the parent comment above options to mention it?
Comment on lines
+704
to
+707
| }, | ||
| "securityPolicy": { | ||
| "type": "string", | ||
| "description": "Cloud Armor security policy name to attach to the load balancer backend. For migration of existing applications only — new applications should use Fastly for WAF instead." |
Contributor
There was a problem hiding this comment.
Wanted to double check this one. I'm only seeing the addition to hosts.name.options.
Contributor
Author
There was a problem hiding this comment.
Ahh good catch. Since hosts.<host>.backends[].backendPolicy lacks other backendPolicy values like timeoutSec, iap, and logSampleRate, I opted to remove securityPolicy here.
- alphabatize hosts.<host>.options values comments and schema - remove securityPolicy schema entry from hosts.<host>.backends[].backendPolicy Since this path doesn't include other options like timeoutSec, iap, and logSampleRate, don't keep securityPolicy around
grahamalama
force-pushed
the
security-policy
branch
from
ef82d26 to
b72355c
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes MZCLD-2176