search

SAP-archive / karydia

Kubernetes Security Walnut
Other
77 stars 10 forks source link

Provide simple install option using Helm #72

Closed Neumann-Nils closed 5 years ago

Neumann-Nils commented 5 years ago

Description

This pull requests allows a user to install karydia in a simple three step process. This process includes:

  1. Installing Helm and Tiller
  2. Preparing the installation including the generation of certificates and secrets
  3. Install karydia itself using Helm

The process is well documented in a seperate readme and is also described in #58.

Checklist

Before submitting this PR, please make sure:

CLAassistant commented 5 years ago

CLA assistant check
All committers have signed the CLA.

ionysos commented 5 years ago

There are still references to files which get moved, renamed and/or deleted through this pull request. This should be fixed before merging. Furthermore, docs/install.md should be updated to the new process as well.

Example search output:

docs/install.md
35:kubectl apply -f manifests/crd-karydia-security-policy.yml

docs/devel/hotswap.md
26:`manifests-dev/deployment-dev.yml` from `manifests/deployment.yml`.
30:`manifests/deployment.yml` (e.g. `karydia/karydia`)
43:kubectl delete -f manifests/deployment.yml

docs/install.md
43:kubectl apply -f manifests/deployment.yml
82:cat manifests/deployment.yml | sed -e 's|image: karydia/karydia.*|image: karydia/karydia|' | kubectl apply -f -

scripts/generate-deployment-dev
24:PROD_YAML='manifests/deployment.yml'

docs/install.md
41:kubectl apply -f manifests/namespace.yml
149:kubectl apply -f manifests/namespace.yml

docs/install.md
42:kubectl apply -f manifests/rbac.yml

docs/install.md
44:kubectl apply -f manifests/service.yml

docs/devel/telepresence.md
33:./scripts/configure-karydia-webhook

docs/install.md
51:./scripts/configure-karydia-webhook
163:./contrib/gardener/scripts/configure-karydia-webhook-cp
ionysos commented 5 years ago

Maybe charts as name for the new folder is not the best solution. IMHO helm/charts or helm-charts would be a little more precise. Any other comments?

Neumann-Nils commented 5 years ago

For the name of the folder, I mainly copied it from the Gardener project (https://github.com/gardener/gardener/tree/master/charts). In contrast, Istio called their folder "install" (https://github.com/istio/istio/tree/master/install).

In my opinion, having a folder "install" that only stores the "prepare-karydia-install" script and has a sub-folder "charts" for everything that is soley for Helm would be a good solution.

Neumann-Nils commented 5 years ago

Had a look at many files and updated the references.

Neumann-Nils commented 5 years ago

It would be a good idea to extract more values from the YAML files into the values.yaml. Especially those values should be extracted that are used by multiple manifests.

ionysos commented 5 years ago

I'm closing this PR because there're too many changes and discussions at an ongoing state. Furthermore, there is a new (slightly different) PR template available which should be used for new PRs. Maybe a Draft Pull Request is also a good choice for the next time. :wink: