confidential-containers / trustee-operator

Operator to manage the lifecycle of Trustee (KBS)
Apache License 2.0

Initial code #1

Closed bpradipt closed 1 year ago

bpradipt commented 1 year ago

This is initial code for the operator.

bpradipt commented 1 year ago

PTAL

bpradipt commented 1 year ago

You can test a deployment without building the image by using the following instructions:

openssl genpkey -algorithm ed25519 > kbs.key
openssl pkey -in kbs.key -pubout -out kbs.pem

make deploy IMG=quay.io/bpradipt/kbs-operator

kubectl create secret generic kbs-auth-public-key --from-file=kbs.pem -n kbs-operator-system
kubectl apply -f config/samples/kbs-config.yaml
kubectl apply -f config/samples/as-config.yaml
kubectl apply -f config/samples/kbsconfig_sample.yaml

The latest image doesn't work out of the box, so use the built-in-as-v0.6.0 tagged version like this:

kubectl set image -n kbs-operator-system deploy/kbs-deployment kbs=ghcr.io/confidential-containers/key-broker-service:built-in-as-v0.6.0

The kbs deployment should be up and running.
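
A pre-flight check for the key pair used in the steps above, as an added example that is not part of this PR or the operator's code: it generates `kbs.key` with owner-only permissions and confirms that `kbs.pem` is the matching Ed25519 public half before it is loaded into the `kbs-auth-public-key` secret. The function names and the directory argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the PR): create and verify the KBS auth key pair.
# Function names and the DIR argument are hypothetical.

# gen_kbs_keypair DIR: writes DIR/kbs.key (private) and DIR/kbs.pem (public).
gen_kbs_keypair() {
    (
        umask 077   # keep the private key unreadable by group and others
        openssl genpkey -algorithm ed25519 -out "$1/kbs.key"
    ) || return 1
    openssl pkey -in "$1/kbs.key" -pubout -out "$1/kbs.pem"
}

# check_kbs_keypair DIR: succeeds only if DIR/kbs.pem holds no private key
# material, parses as an Ed25519 public key, and matches DIR/kbs.key.
check_kbs_keypair() {
    # The file placed in the Kubernetes secret must be the public half only.
    if grep -q 'PRIVATE KEY' "$1/kbs.pem"; then
        echo "kbs.pem contains private key material" >&2
        return 1
    fi
    # It must parse as a public key of type Ed25519.
    openssl pkey -pubin -in "$1/kbs.pem" -noout -text 2>/dev/null \
        | grep -qi 'ED25519' || {
        echo "kbs.pem is not an Ed25519 public key" >&2
        return 1
    }
    # The public key re-derived from kbs.key must be identical to kbs.pem.
    kbs_derived=$(openssl pkey -in "$1/kbs.key" -pubout 2>/dev/null) || return 1
    [ "$kbs_derived" = "$(cat "$1/kbs.pem")" ] || {
        echo "kbs.pem does not match kbs.key" >&2
        return 1
    }
}
```

Run `check_kbs_keypair .` in the directory holding the two files before the `kubectl create secret` step; a non-zero exit means the secret would carry the wrong or an unsafe file.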