initial

install.sh

@@ -0,0 +1,53 @@
+#!/bin/bash
+
+TRIVY_OPERATOR_VERSION=0.28.1
+TRIVY_DOJO_OPERATOR_VERSION=0.8.8
+
+
+NAMESPACE=security
+TRIVY_OPERATOR_NAME=trivy-operator
+TRIVY_DOJO_OPERATOR_NAME=trivy-dojo-operator
+
+kubectl create namespace $NAMESPACE \
+  --dry-run=client \
+  -o yaml | \
+  kubectl -f - apply
+
+
+if [ -f secrets.txt ]; then
+  . secrets.txt
+else
+  if [ "$GPG_PASSPHRASE" = "" ]; then
+    echo "gpg passphrase for secret decrypting not set"
+    exit 1
+  fi
+
+  SECRETS_FILE=`mktemp`
+  gpg --decrypt --passphrase $GPG_PASSPHRASE --yes --batch --homedir /tmp/.gnupg --output $SECRETS_FILE secrets.asc
+  . $SECRETS_FILE
+  rm $SECRETS_FILE
+fi
+
+kubectl create secret generic ${TRIVY_DOJO_OPERATOR_NAME}-trivy-dojo-report-operator-defect-dojo-api-credentials \
+  --dry-run=client \
+  -o yaml \
+  --save-config \
+  --from-literal=apiKey="$DOJO_API_KEY" \
+  --from-literal=url="$DOJO_URL" | \
+  kubectl apply -f - -n $NAMESPACE
+
+
+helm repo add aqua https://aquasecurity.github.io/helm-charts/
+helm repo update
+helm upgrade --install $TRIVY_OPERATOR_NAME aqua/trivy-operator \
+  -f values-trivy-operator.yml \
+  --namespace $NAMESPACE \
+  --version $TRIVY_OPERATOR_VERSION
+
+helm repo add trivy-dojo-report-operator https://telekom-mms.github.io/trivy-dojo-report-operator/
+helm repo update
+helm upgrade --install $TRIVY_DOJO_OPERATOR_NAME trivy-dojo-report-operator/trivy-dojo-report-operator \
+  -f values-trivy-dojo-operator.yml \
+  --namespace $NAMESPACE \
+  --version $TRIVY_DOJO_OPERATOR_VERSION
+