search

mercedes-benz / sechub

SecHub provides a central API to test software with different security tools.
https://mercedes-benz.github.io/sechub/
MIT License
260 stars 63 forks source link

Testing with a local Kubernetes #3067

Open sven-dmlr opened 5 months ago

sven-dmlr commented 5 months ago

Situation

Currently there are many Bash scripts which use Docker-Compose for local testing.

Wanted

We'd like to use the existing container images and Helm charts for running SecHub (including PDS solutions) locally. This should ease things a lot.

ToDo

As a first step make SecHub Server run locally using the existing container images and Helm charts.

hamidonos commented 3 months ago

We should take a look at Kind (Kubernetes-in-Docker) for local and test environments.

kind stands for Kubernetes in Docker. It is a tool for running local Kubernetes clusters using Docker container "nodes".

Advantages of kind:

  1. Ease of Setup: kind is easy to install and get started with. It requires Docker to be installed on your machine, and then you can simply create a Kubernetes cluster with a single command.

  2. Resource Efficiency: kind runs Kubernetes within Docker containers, it doesn't require a full virtual machine for each node, making it more resource-efficient than some other local Kubernetes solutions.

  3. Fast and Repeatable: kind allows you to spin up and tear down Kubernetes clusters quickly, which is ideal for testing changes in a repeatable manner.

  4. CI-Friendly: kind is designed to be used in continuous integration (CI) pipelines. It can start a Kubernetes cluster, run tests, and then tear down the cluster all within a single CI job.

  5. Multi-Node Clusters: kind supports multi-node (including HA) clusters, which makes it a good choice for testing more complex Kubernetes setups.

  6. Conformance Testing: kind is used for Kubernetes conformance testing. If you're developing software that needs to work with Kubernetes, you can be confident that if it works with kind, it should work with other Kubernetes installations.

  7. Network Plugin Support: kind supports configurable network plugins, and ships with several default network configurations.

In summary, kind is a powerful tool for anyone who needs a quick and easy way to run Kubernetes clusters in a local Docker environment, particularly for testing and development purposes.