Skip to content

[VC-43403] Revert some of the MachineHub changes from #653 #694

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 22, 2025
Merged

[VC-43403] Revert some of the MachineHub changes from #653 #694

merged 1 commit into from
Aug 22, 2025

Conversation

wallrj-cyberark
Copy link
Member

@wallrj-cyberark wallrj-cyberark commented Aug 21, 2025
edited
Loading

I want to revert some of the code which @maelvls introduced in #653 because I'm finding it really difficult to work with.

Specifically,

  • I want to load the MachineHub / DisCo config and credentials from a file mounted into the Pod. I don't want to have to watch and load them from a Secret, so the SecretName configuration and subdomain configuration is redundant.
  • I want to refactor TLSPKMode to be called OutputMode, or Outputs and add a LocalFile mode. Then we can just build a list of output functions, depending on what command line flags have been supplied and call them all in a batch, periodically, or one-shot.
  • Alternatively, we could rename client.Client to output.Publisher and have a function to compose an outputter from one or more of: LocalFilePublisher, TLSPKPublisher, MachineHubPublisher.

Here's what I want to do next, if this PR merges:

I explained the problems to @inteon in the standup meeting this morning, so I'll ask him to review this.

@wallrj-cyberark wallrj-cyberark mentioned this pull request Aug 21, 2025
Merged
@wallrj-cyberark wallrj-cyberark changed the title Revert some of the MachineHub changes from #653 [VC-43403] Revert some of the MachineHub changes from #653 Aug 21, 2025
@wallrj-cyberark wallrj-cyberark requested a review from inteon August 21, 2025 16:08
@wallrj-cyberark wallrj-cyberark merged commit d383e3c into master Aug 22, 2025
2 checks passed
@wallrj-cyberark wallrj-cyberark deleted the revert-some-machinehub-mode branch August 22, 2025 08:07
maelvls
maelvls reviewed Aug 22, 2025
View reviewed changes
pkg/agent/config.go
// CredentialsSecretName is the name of a Kubernetes Secret in the same
// namespace as the agent, which will be watched for a username and password
// to send to CyberArk Identity for authentication.
CredentialsSecretName string `yaml:"credentialsSecretName"`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree, not sure why we went with loading the credentials from a Kubernetes secret.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@maelvls maelvls maelvls left review comments

@inteon inteon inteon approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@wallrj-cyberark @maelvls @inteon