bluejay/bluejay-infra
1
0
Fork 0
Code Issues Pull Requests 15 Actions Packages Projects Releases Wiki Activity

deploy(gx10): wire Apple MDM runtime secret keys

Browse Source
This commit is contained in:
Robot
2026-06-18 08:41:44 -05:00
parent 27600b8b99
commit a56e98422f
3 changed files with 137 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
apps-gx10/fc-apple-mdm/README.md
View File

@@ -29,6 +29,12 @@ NanoHUB APIs under `/api/v1/*` stay cluster-internal for MDM-N1. The
DeviceManagement bridge can use the ClusterIP service directly once its NanoHUB
client lane lands.
SCEP is intentionally not exposed here yet. NanoHUB/NanoMDM expects an external
SCEP service; the next runtime lane should either add a dedicated SCEP route
such as `https://mdm.iamworkin.lan/scep/...` backed by an Apple-MDM-specific CA,
or set `APPLE_MDM_SCEP_URL` in the DeviceManagement runtime secret to another
live SCEP endpoint. Do not point the profile at a placeholder URL.
## Deployment Notes
1. Create or refresh the runtime Kubernetes Secret from the 1Password item