initially working
This commit is contained in:
commit
26528365e7
2
.gitignore
vendored
Normal file
2
.gitignore
vendored
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
secrets.txt
|
||||||
|
.venv/
|
22
deployment/ingress.yml
Normal file
22
deployment/ingress.yml
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: defectdojo
|
||||||
|
annotations:
|
||||||
|
cert-manager.io/cluster-issuer: letsencrypt-production-http
|
||||||
|
spec:
|
||||||
|
tls:
|
||||||
|
- hosts:
|
||||||
|
- defectdojo.hottis.de
|
||||||
|
secretName: defectdojo-cert
|
||||||
|
rules:
|
||||||
|
- host: defectdojo.hottis.de
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
pathType: Prefix
|
||||||
|
backend:
|
||||||
|
service:
|
||||||
|
name: defectdojo-django
|
||||||
|
port:
|
||||||
|
number: 80
|
41
deployment/install.sh
Executable file
41
deployment/install.sh
Executable file
@ -0,0 +1,41 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
NAMESPACE=$(cat namespace)
|
||||||
|
DEFECTDOJO_VERSION=1.6.174
|
||||||
|
|
||||||
|
kubectl create namespace $NAMESPACE \
|
||||||
|
--dry-run=client \
|
||||||
|
-o yaml | \
|
||||||
|
kubectl -f - apply
|
||||||
|
|
||||||
|
SECRETS_FILE=`mktemp`
|
||||||
|
gpg --decrypt --passphrase $GPG_PASSPHRASE --yes --batch --homedir /tmp/.gnupg --output $SECRETS_FILE secrets.asc
|
||||||
|
. $SECRETS_FILE
|
||||||
|
rm $SECRETS_FILE
|
||||||
|
# eval "`cat secrets.asc | /usr/local/bin/decrypt-secrets.sh`"
|
||||||
|
|
||||||
|
kubectl create secret generic defectdojo-postgresql-specific \
|
||||||
|
--dry-run=client \
|
||||||
|
-o yaml \
|
||||||
|
--save-config \
|
||||||
|
--from-literal=postgresql-password="$PGPASSWORD" | \
|
||||||
|
kubectl apply -f - -n $NAMESPACE
|
||||||
|
|
||||||
|
kubectl create secret generic defectdojo-redis-specific \
|
||||||
|
--dry-run=client \
|
||||||
|
-o yaml \
|
||||||
|
--save-config \
|
||||||
|
--from-literal=redis-password="" | \
|
||||||
|
kubectl apply -f - -n $NAMESPACE
|
||||||
|
|
||||||
|
|
||||||
|
helm repo add defectdojo 'https://raw.githubusercontent.com/DefectDojo/django-DefectDojo/helm-charts'
|
||||||
|
helm repo update
|
||||||
|
helm upgrade --install \
|
||||||
|
defectdojo defectdojo/defectdojo \
|
||||||
|
-f values.yml \
|
||||||
|
--version=$DEFECTDOJO_VERSION \
|
||||||
|
--namespace=$NAMESPACE
|
||||||
|
|
||||||
|
|
||||||
|
kubectl apply -f ingress.yml -n $NAMESPACE
|
1
deployment/namespace
Normal file
1
deployment/namespace
Normal file
@ -0,0 +1 @@
|
|||||||
|
defectdojo
|
7
deployment/secrets.asc
Normal file
7
deployment/secrets.asc
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
jA0ECQMIBTFqH76O+EH80m0BfrFMTw8TSSx9cXepIYKzXVS40qB8WtHg4Dvu96jH
|
||||||
|
E6DH3djCVjketkrTLm2n8gwT6FjcQXtinqhU8IqUiP1nLIu24ZHgy5+Y83MeGN4/
|
||||||
|
dN/TcgiGmXiMM9N0VjGCJeUZ2aHNNunmQeSxVnrv
|
||||||
|
=X3R9
|
||||||
|
-----END PGP MESSAGE-----
|
24
deployment/values.yml
Normal file
24
deployment/values.yml
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
createSecret: true
|
||||||
|
createPostgresqlSecret: false
|
||||||
|
createRedisSecret: false
|
||||||
|
|
||||||
|
siteUrl: "https://defectdojo.hottis.de"
|
||||||
|
alternativeHosts:
|
||||||
|
- defectdojo.hottis.de
|
||||||
|
|
||||||
|
django:
|
||||||
|
ingress:
|
||||||
|
enabled: false
|
||||||
|
|
||||||
|
postgresql:
|
||||||
|
enabled: false
|
||||||
|
postgresServer: database.database1.svc.cluster.local
|
||||||
|
|
||||||
|
redis:
|
||||||
|
enabled: false
|
||||||
|
redisServer: redis-master.redis.svc.cluster.local
|
||||||
|
|
||||||
|
celery:
|
||||||
|
path: "/6"
|
||||||
|
|
||||||
|
|
Loading…
x
Reference in New Issue
Block a user