This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
#Install JQ and YQ | |
#./get_netpol.sh | oc apply -f - | |
if [[ -z "${ROX_ENDPOINT}" ]]; then | |
echo >&2 "ROX_ENDPOINT must be set" | |
exit 1 | |
fi | |
if [[ -z "${ROX_API_TOKEN}" ]]; then |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: platform.stackrox.io/v1alpha1 | |
kind: SecuredCluster | |
metadata: | |
name: stackrox-secured-cluster-services | |
namespace: stackrox | |
spec: | |
monitoring: | |
openshift: | |
enabled: true | |
auditLogs: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# haproxy.cfg | |
defaults | |
mode http | |
log global | |
option httplog | |
option dontlognull | |
option forwardfor except 127.0.0.0/8 | |
option redispatch | |
retries 3 | |
timeout http-request 10s |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: platform.stackrox.io/v1alpha1 | |
kind: Central | |
metadata: | |
name: stackrox-central-services | |
namespace: stackrox | |
spec: | |
central: | |
db: | |
isEnabled: Default | |
persistence: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
DOCKER_CONFIG_JSON=`oc extract secret/pull-secret -n openshift-config --to=-` | |
oc create secret generic multiclusterhub-operator-pull-secret \ | |
-n open-cluster-management-observability \ | |
--from-literal=.dockerconfigjson="$DOCKER_CONFIG_JSON" \ | |
--type=kubernetes.io/dockerconfigjson | |
ACCESS_KEY="" | |
SECRET_KEY="" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
if [ $# -eq 0 ] | |
then | |
echo "try: $0 payments-v2 frontend backend" | |
exit 1 | |
fi | |
> netpols.yaml | |
for namespace in $@ | |
do |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: platform.stackrox.io/v1alpha1 | |
kind: SecuredCluster | |
metadata: | |
name: stackrox-secured-cluster-services | |
namespace: stackrox | |
spec: | |
admissionControl: | |
bypass: BreakGlassAnnotation | |
contactImageScanners: DoNotScanInline | |
listenOnCreates: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: v1 | |
kind: ServiceAccount | |
metadata: | |
namespace: stackrox | |
name: stackrox-image-puller | |
--- | |
kind: ClusterRoleBinding | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: stackrox-image-puller-clusterrolebinding |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
if [[ -z "${ROX_ENDPOINT}" ]]; then | |
echo >&2 "ROX_ENDPOINT must be set" | |
exit 1 | |
fi | |
if [[ -z "${ROX_API_TOKEN}" ]]; then | |
echo >&2 "ROX_API_TOKEN must be set" | |
exit 1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
4 simple steps | |
- Create namespace | |
- Create secret ( it is required ) | |
- Generate cluster-init-bundle. | |
- Install secured-cluster using helm. | |
# Create namespace and Pull-Secret from cloud.redhat.com | |
kubectl create namespace stackrox |
NewerOlder