Last active
October 15, 2022 15:57
-
-
Save vfarcic/aa3781fcced6104cb5a69a82baf863cb to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Source: https://gist.github.com/aa3781fcced6104cb5a69a82baf863cb | |
| ################################################# | |
| # How To Write Kubernetes Manifests With Datree # | |
| # https://youtu.be/mfuGc7hgStU # | |
| ################################################# | |
| # Additional Info: | |
| # - Datree: https://datree.io | |
| # - Datree repo: https://github.com/datreeio/datree | |
| # - Other Datree resources: https://github.com/datreeio/awesome-datree | |
| # - Kubernetes-Native Policy Management With Kyverno: https://youtu.be/DREjzfTzNpA | |
| # - How to apply policies in Kubernetes using Open Policy Agent (OPA) and Gatekeeper: https://youtu.be/14lGc7xMAe4 | |
| # - Kubernetes Policy Management Tools Compared - OPA with Gatekeeper vs. Kyverno: https://youtu.be/9gSrRNmmKBc | |
| # - Kustomize - How to Simplify Kubernetes Configuration Management: https://youtu.be/Twtbg6LFnAg | |
| # - Helm vs Kustomize - The Fight Between Templating and Patching in Kubernetes: https://youtu.be/ZMFYSm0ldQ0 | |
| # - Argo CD - Applying GitOps Principles To Manage A Production Environment In Kubernetes: https://youtu.be/vpWQeoaiRM4 | |
| # - Flux CD v2 With GitOps Toolkit - Kubernetes Deployment And Sync Mechanism: https://youtu.be/R6OeIgb7lUI | |
| ######### | |
| # Setup # | |
| ######### | |
| # Install the `datree` CLI from https://hub.datree.io/#a-1-install-datrees-cli-integration | |
| git clone https://github.com/vfarcic/datree-demo | |
| cd datree-demo | |
| ################################# | |
| # Validating Schema With Datree # | |
| ################################# | |
| datree test k8s/*.yaml | |
| cat k8s/deployment.yaml | |
| cp orig/deployment.yaml k8s/. | |
| datree test k8s/*.yaml | |
| ################################### | |
| # Validating Policies With Datree # | |
| ################################### | |
| datree test k8s/*.yaml | |
| # Open `k8s/deployment.yaml` and change `spec.template.spec.containers[0].image` to `vfarcic/devops-toolkit-series:4.1.0` | |
| datree test k8s/*.yaml | |
| cat orig/hpa.yaml | |
| cp orig/hpa.yaml k8s/. | |
| datree test k8s/*.yaml | |
| ################################### | |
| # Creating Custom Datree Policies # | |
| ################################### | |
| datree test k8s/*.yaml | |
| export DATREE_TOKEN=[...] | |
| datree test k8s/*.yaml --policy dev | |
| datree test k8s/*.yaml --policy prod | |
| ######################################### | |
| # Testing Custom Resources With Dadtree # | |
| ######################################### | |
| cat argocd/apps.yaml | |
| datree test argocd/apps.yaml | |
| datree test argocd/apps.yaml \ | |
| --ignore-missing-schemas | |
| ######################################## | |
| # Creating Custom Policies With Datree # | |
| ######################################## | |
| cat crossplane/*.yaml | |
| cat policies.yaml | |
| datree publish policies.yaml | |
| datree test crossplane/*.yaml \ | |
| --policy local \ | |
| --ignore-missing-schemas | |
| ########### | |
| # Destroy # | |
| ########### | |
| rm -f k8s/hpa.yaml | |
| cat k8s/deployment.yaml \ | |
| | sed -e "s@image: .*@image: vfarcic/devops-toolkit-series:latest@g" \ | |
| | tee k8s/deployment.yaml | |
| cp orig/deployment-no-template.yaml \ | |
| k8s/deployment.yaml | |
| # Disable `Policy as code` | |
| # Delete the `local`, `dev`, and the `prod` policies |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment