[Ansible-service-broker] Default whitelist is now open for the local registry
Erik Nelson
ernelson at redhat.com
Fri Mar 9 01:03:09 UTC 2018
Wanted to call attention to a change we just merged that impacts
authors pushing their own APBs. Previously, we had a default whitelist
that required "apb push" sourced apb's to be named with an "-apb"
suffix before allowing them to be displayed in the catalog. We have
relaxed this default setting in our development environments to allow
any image name.
It became apparent that a lot of folks trying out apb push were
understandably unaware of this default expectation, so this is an
attempt to help that onboarding experience.
Note: this is a configuration setting that broker admins are able to
change (make more strict) if desired.
The default setting can be found here:
https://github.com/openshift/ansible-service-broker/blob/master/templates/deploy-ansible-service-broker.template.yaml#L324
It can be changed on an existing broker by using "oc edit configmap
broker-config -n ansible-service-broker", and editing the local
registry's white_list regex to your desired whitelist setting. Make
sure to apply the new configuration with "oc rollout latest dc/asb".
Relevant issue and PR:
https://github.com/openshift/ansible-service-broker/issues/823
https://github.com/openshift/ansible-service-broker/pull/827
- Erik
More information about the Ansible-service-broker
mailing list