diff --git a/catalogs/security/opa-gatekeeper/README.md b/catalogs/security/opa-gatekeeper/README.md
new file mode 100644
index 00000000..a872c955
--- /dev/null
+++ b/catalogs/security/opa-gatekeeper/README.md
@@ -0,0 +1,7 @@
+# OPA Gatekeeper
+
+This is a baseline, prod-ready OPA Gatekeeper installation using Plural.
+
+## Contributing
+
+If there are any features or documentation you'd like to add to this setup, please feel free to contribute back at https://github.com/pluralsh/scaffolds.
\ No newline at end of file
diff --git a/catalogs/security/opa-gatekeeper/helmrepository.yaml b/catalogs/security/opa-gatekeeper/helmrepository.yaml
new file mode 100644
index 00000000..9fca083c
--- /dev/null
+++ b/catalogs/security/opa-gatekeeper/helmrepository.yaml
@@ -0,0 +1,8 @@
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+ name: opa-gatekeeper
+ namespace: apps
+spec:
+ interval: 5m0s
+ url: https://open-policy-agent.github.io/gatekeeper/charts
\ No newline at end of file
diff --git a/catalogs/security/trivy-operator/helm/values.yaml.liquid b/catalogs/security/trivy-operator/helm/values.yaml.liquid
deleted file mode 100644
index 1f72e748..00000000
--- a/catalogs/security/trivy-operator/helm/values.yaml.liquid
+++ /dev/null
@@ -1,5 +0,0 @@
-{% raw %}
-operator:
- labels:
- test: "true"
-{% endraw %}
diff --git a/setup/catalogs/security/opa-gatekeeper.yaml b/setup/catalogs/security/opa-gatekeeper.yaml
new file mode 100644
index 00000000..ccff1199
--- /dev/null
+++ b/setup/catalogs/security/opa-gatekeeper.yaml
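Review bot: In catalogs/security/opa-gatekeeper/helmrepository.yaml the new HelmRepository only registers the upstream chart index; nothing in this commit pins a Gatekeeper chart version or supplies values, so the README's "prod-ready" claim rests on a HelmRelease that is not visible here. For an admission controller this matters: if the consuming HelmRelease leaves the version open, a new upstream chart release can change webhook behaviour on a later reconcile without a reviewed change. I would add a comment above `url:` such as `# consume this repo only with an exact spec.chart.spec.version in the HelmRelease`. Also consider the GA `source.toolkit.fluxcd.io/v1` API if the target clusters run a Flux release that serves it, since `v1beta2` is the older version.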
@@ -0,0 +1,33 @@
+apiVersion: deployments.plural.sh/v1alpha1
+kind: PrAutomation
+metadata:
+ name: opa-gatekeeper
+spec:
+ name: opa-gatekeeper
+ icon: https://www.openpolicyagent.org/img/logos/opa-no-text-color.png
+ documentation: |
+ Sets up an OPA Gatekeeper policy controller
+ creates:
+ git:
+ ref: sebastian/prod-2981-set-up-catalog-pipeline # TODO set to main
+ folder: catalogs/security/opa-gatekeeper
+ templates:
+ - source: README.md
+ destination: documentation/opa-gatekeeper/README.md
+ external: true
+ - source: helmrepository.yaml
+ destination: "bootstrap/apps/opa-gatekeeper/{{ context.cluster }}/helmrepository.yaml"
+ external: true
+ repositoryRef:
+ name: scaffolds
+ catalogRef:
+ name: security
+ scmConnectionRef:
+ name: plural # you'll need to add this ScmConnection manually before this is functional
+ title: "OPA Gatekeeper setup ({{ context.cluster }})"
+ message: "Sets up OPA Gatekeeper on {{ context.cluster }} cluster."
+ identifier: pluralsh/plrl-dev-aws # FIXME
+ configuration:
+ - name: cluster
+ type: STRING
+ documentation: the cluster you want to deploy to
diff --git a/setup/catalogs/security/trivy-operator.yaml b/setup/catalogs/security/trivy-operator.yaml
index 2c0313d6..7a8dda52 100644
--- a/setup/catalogs/security/trivy-operator.yaml
+++ b/setup/catalogs/security/trivy-operator.yaml
@@ -15,9 +15,6 @@ spec: - source: README.md destination: documentation/trivy-operator/README.md external: true - - source: helm/values.yaml.liquid - destination: helm/trivy-operator/{{ context.cluster }}.yaml.liquid - external: true - source: helmrepository.yaml destination: "bootstrap/apps/trivy-operator/{{ context.cluster }}/helmrepository.yaml" external: true
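Review bot: In setup/catalogs/security/opa-gatekeeper.yaml the `cluster` input is a free-form `STRING` that is interpolated straight into the `destination` path `bootstrap/apps/opa-gatekeeper/{{ context.cluster }}/helmrepository.yaml` and into the PR title and message, with no constraint on its content. A value containing `/` or `..` could place the rendered file outside the intended directory unless the Plural console normalises paths, which is not visible here. If the PrAutomation schema in use supports per-field validation, constrain it under the `cluster` entry, e.g. `validation: {regex: "^[a-z0-9][a-z0-9-]*$"}`. Separately, `ref:` points at a personal feature branch (already marked TODO), so until it moves to `main` whoever can push to that branch controls the templates this automation renders.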
@@ -31,7 +28,7 @@ spec: scmConnectionRef: name: plural # you'll need to add this ScmConnection manually before this is functional title: "Trivy Operator setup ({{ context.cluster }})" - message: "Sets up Trivy Operator on cluster {{ context.cluster }}." + message: "Sets up Trivy Operator on {{ context.cluster }} cluster." identifier: pluralsh/plrl-dev-aws # FIXME configuration: - name: cluster