wn/trivy-operator-dojo-integration
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
main
trivy-operator-dojo-integra…/install.sh

61 lines
1.6 KiB
Bash
Executable File
Raw Permalink Blame History

#!/bin/bash
TRIVY_OPERATOR_VERSION=0.28.1
TRIVY_DOJO_OPERATOR_VERSION=0.8.8
NAMESPACE=security
TRIVY_OPERATOR_NAME=trivy-operator
TRIVY_DOJO_OPERATOR_NAME=trivy-dojo-operator
kubectl create namespace $NAMESPACE \
--dry-run=client \
-o yaml | \
kubectl -f - apply
if [ -f secrets.txt ]; then
. secrets.txt
else
if [ "$GPG_PASSPHRASE" = "" ]; then
echo "gpg passphrase for secret decrypting not set"
exit 1
fi
SECRETS_FILE=`mktemp`
gpg --decrypt --passphrase $GPG_PASSPHRASE --yes --batch --homedir /tmp/.gnupg --output $SECRETS_FILE secrets.asc
. $SECRETS_FILE
rm $SECRETS_FILE
fi
kubectl create secret generic ${TRIVY_DOJO_OPERATOR_NAME}-trivy-dojo-report-operator-defect-dojo-api-credentials \
--dry-run=client \
-o yaml \
--save-config \
--from-literal=apiKey="$DOJO_API_KEY" \
--from-literal=url="$DOJO_URL" | \
kubectl apply -f - -n $NAMESPACE
kubectl create secret generic trivy-operator-trivy-config \
--dry-run=client \
-o yaml \
--save-config \
--from-literal="trivy.serverToken"="$TRIVY_SERVER_TOKEN" | \
kubectl apply -f - -n $NAMESPACE
helm repo add aqua https://aquasecurity.github.io/helm-charts/
helm repo update
helm upgrade --install $TRIVY_OPERATOR_NAME aqua/trivy-operator \
-f values-trivy-operator.yml \
--namespace $NAMESPACE \
--version $TRIVY_OPERATOR_VERSION
helm repo add trivy-dojo-report-operator https://telekom-mms.github.io/trivy-dojo-report-operator/
helm repo update
helm upgrade --install $TRIVY_DOJO_OPERATOR_NAME trivy-dojo-report-operator/trivy-dojo-report-operator \
-f values-trivy-dojo-operator.yml \
--namespace $NAMESPACE \
--version $TRIVY_DOJO_OPERATOR_VERSION
Reference in New Issue View Git Blame Copy Permalink