Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore: add
Made for UDS
badge to Mattermost (#90)
## Description This adds the Made for UDS badge to Mattermost given it meets the following: ## Integrations ### Istio - [X] - **Must** define any external interfaces under the `expose` key. - [X] - **Must** deploy and operate successfully with Istio injection enabled in the namespace. - [X] - **Should** avoid workarounds such as disabling strict mTLS peer authentication. ### Network Policies - [X] - **Must** define network policies under the `allow` key as required. - [X] - **Should** minimize network policies to specific selectors needed for Ingress/Egress traffic. - [X] - **May** template network policy keys to provide flexibility for delivery customers to configure. ### Keycloak - [X] - **Must** use and create a Keycloak client through the `sso` key if the application provides a user login. - [ ] - **Should** consider security options during implementation to provide the most secure default possible (i.e. SAML w/SCIM vs OIDC). - [X] - **Should** name the client `<App> Login` (i.e. `Mattermost Login`) to provide login UX consistency. - [X] - **Should** clearly mark the client id with the group and app name `uds-<group>-<application>` (i.e. `uds-swf-mattermost`) to provide consistency in the Keycloak UI. - [X] - **May** end any generated secrets with `-sso` to easily locate them when querying the cluster. - [X] - **May** template Keycloak fields to provide flexibility for delivery customers to configure. ### Prometheus - [X] - **Must** implement monitors for each application metrics endpoint using it's built-in chart monitors, the `Package` CR `monitor` key, or manual monitors in the config chart. ## Exemptions - [X] - **Must** minimize the scope and number of the exemptions to only what is absolutely required by the application - [X] - **Must** have documented rationale for any exemptions present ## Structure - [X] - **Should** expose all configuration (`uds.dev` CRs, additional `Secrets`/`ConfigMaps`, etc) through a Helm chart (ideally in a `chart` or `charts` directory). - [X] - **Should** limit the use of Zarf variable templates and prioritize configuring packages via Helm value overrides - [X] - **Should** implement or allow for multiple flavors (ideally with common definitions in a `common` directory) ## Testing - [X] - **Must** implement Journey Testing to cover the basic user flows and features of the application, especially where an application interacts with an external service / interface. - [X] - **Must** implement Upgrade Testing to ensure that the current development package works when deployed over the previously released one. - [X] - **Should** lint their configurations with appropriate tooling such as [`yamllint`](https://github.com/adrienverge/yamllint) and [`zarf dev lint`](https://docs.zarf.dev/commands/zarf_dev_lint/). ## Maintenance - [X] - **Must** have a dependency management bot (such as renovate) configured to open PRs to update core package and support dependencies. - [X] - **Must** release its package to the `ghcr.io/defenseunicorns/packages/<group>` namespace as the application's name (i.e. `ghcr.io/defenseunicorns/packages/uds/mattermost`) ## General - [X] - **Must** be capable of operating within an internet-disconnected (air-gapped) environment - [X] - **Must** be maintained by a resourced team that is explicitly defined as maintaining the project (i.e. in `CODEOWNERS`) ## Related Issue Fixes #N/A ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [X] Other (security config, docs update, etc) ## Checklist before merging - [X] Test, docs, adr added or updated as needed - [X] [Contributor Guide Steps](https://github.com/defenseunicorns/uds-package-mattermost/blob/main/CONTRIBUTING.md#developer-workflow) followed
- Loading branch information