initially working
This commit is contained in:
commit
26528365e7
2
.gitignore
vendored
Normal file
2
.gitignore
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
secrets.txt
|
||||
.venv/
|
22
deployment/ingress.yml
Normal file
22
deployment/ingress.yml
Normal file
@ -0,0 +1,22 @@
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: defectdojo
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-production-http
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- defectdojo.hottis.de
|
||||
secretName: defectdojo-cert
|
||||
rules:
|
||||
- host: defectdojo.hottis.de
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: defectdojo-django
|
||||
port:
|
||||
number: 80
|
41
deployment/install.sh
Executable file
41
deployment/install.sh
Executable file
@ -0,0 +1,41 @@
|
||||
#!/bin/bash
|
||||
|
||||
NAMESPACE=$(cat namespace)
|
||||
DEFECTDOJO_VERSION=1.6.174
|
||||
|
||||
kubectl create namespace $NAMESPACE \
|
||||
--dry-run=client \
|
||||
-o yaml | \
|
||||
kubectl -f - apply
|
||||
|
||||
SECRETS_FILE=`mktemp`
|
||||
gpg --decrypt --passphrase $GPG_PASSPHRASE --yes --batch --homedir /tmp/.gnupg --output $SECRETS_FILE secrets.asc
|
||||
. $SECRETS_FILE
|
||||
rm $SECRETS_FILE
|
||||
# eval "`cat secrets.asc | /usr/local/bin/decrypt-secrets.sh`"
|
||||
|
||||
kubectl create secret generic defectdojo-postgresql-specific \
|
||||
--dry-run=client \
|
||||
-o yaml \
|
||||
--save-config \
|
||||
--from-literal=postgresql-password="$PGPASSWORD" | \
|
||||
kubectl apply -f - -n $NAMESPACE
|
||||
|
||||
kubectl create secret generic defectdojo-redis-specific \
|
||||
--dry-run=client \
|
||||
-o yaml \
|
||||
--save-config \
|
||||
--from-literal=redis-password="" | \
|
||||
kubectl apply -f - -n $NAMESPACE
|
||||
|
||||
|
||||
helm repo add defectdojo 'https://raw.githubusercontent.com/DefectDojo/django-DefectDojo/helm-charts'
|
||||
helm repo update
|
||||
helm upgrade --install \
|
||||
defectdojo defectdojo/defectdojo \
|
||||
-f values.yml \
|
||||
--version=$DEFECTDOJO_VERSION \
|
||||
--namespace=$NAMESPACE
|
||||
|
||||
|
||||
kubectl apply -f ingress.yml -n $NAMESPACE
|
1
deployment/namespace
Normal file
1
deployment/namespace
Normal file
@ -0,0 +1 @@
|
||||
defectdojo
|
7
deployment/secrets.asc
Normal file
7
deployment/secrets.asc
Normal file
@ -0,0 +1,7 @@
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
jA0ECQMIBTFqH76O+EH80m0BfrFMTw8TSSx9cXepIYKzXVS40qB8WtHg4Dvu96jH
|
||||
E6DH3djCVjketkrTLm2n8gwT6FjcQXtinqhU8IqUiP1nLIu24ZHgy5+Y83MeGN4/
|
||||
dN/TcgiGmXiMM9N0VjGCJeUZ2aHNNunmQeSxVnrv
|
||||
=X3R9
|
||||
-----END PGP MESSAGE-----
|
24
deployment/values.yml
Normal file
24
deployment/values.yml
Normal file
@ -0,0 +1,24 @@
|
||||
createSecret: true
|
||||
createPostgresqlSecret: false
|
||||
createRedisSecret: false
|
||||
|
||||
siteUrl: "https://defectdojo.hottis.de"
|
||||
alternativeHosts:
|
||||
- defectdojo.hottis.de
|
||||
|
||||
django:
|
||||
ingress:
|
||||
enabled: false
|
||||
|
||||
postgresql:
|
||||
enabled: false
|
||||
postgresServer: database.database1.svc.cluster.local
|
||||
|
||||
redis:
|
||||
enabled: false
|
||||
redisServer: redis-master.redis.svc.cluster.local
|
||||
|
||||
celery:
|
||||
path: "/6"
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user