-
Notifications
You must be signed in to change notification settings - Fork 23
/
Copy pathzarf.yaml
54 lines (52 loc) · 1.87 KB
/
zarf.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
# Copyright 2024 Defense Unicorns
# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
kind: ZarfPackageConfig
metadata:
name: uds-core-neuvector-common
description: "UDS Core Neuvector Common"
url: https://open-docs.neuvector.com/
components:
- name: neuvector
description: "Deploy Neuvector"
required: true
charts:
- name: crd
url: https://neuvector.github.io/neuvector-helm/
version: 2.8.4
namespace: neuvector
gitPath: charts/crd
- name: uds-neuvector-config
namespace: neuvector
version: 0.1.0
localPath: ../chart
valuesFiles:
- ../chart/values.yaml
- name: core
url: https://neuvector.github.io/neuvector-helm/
version: 2.8.4
namespace: neuvector
gitPath: charts/core
valuesFiles:
- ../values/values.yaml
# - name: monitor
# url: https://neuvector.github.io/neuvector-helm/
# version: 2.8.4
# namespace: neuvector
# gitPath: charts/monitor
# valuesFiles:
# - ../values/monitor-values.yaml
actions:
onDeploy:
after:
- description: Validate Neuvector Package
maxTotalSeconds: 300
wait:
cluster:
kind: packages.uds.dev
name: neuvector
namespace: neuvector
condition: "'{.status.phase}'=Ready"
- description: Annotate Controller deployment for Neuvector SSO secret
cmd: |
SSO_CHECKSUM=$(./zarf tools kubectl get secret neuvector-secret -o json -n neuvector | sha256sum | cut -d' ' -f1)
./zarf tools kubectl patch deployment neuvector-controller-pod -n neuvector -p "{\"spec\":{\"template\":{\"metadata\":{\"annotations\":{\"checksum/uds-sso-secret\":\"$SSO_CHECKSUM\"}}}}}"