This repo contains various automation tools to support the development and testing of Keylime using Packer, Terraform and GitHub Actions.
Guides for common tasks are given below.
- Set up a New Containerised Development Environment
- Deploy a Keylime Installation to Google Cloud Platform (GCP)
- Automate Staging Environment Deployment with GCP and GitHub Actions
The main files of this repo are:
- kl-deploy-images.sh (docs): Bash script which retrieves Keylime source code, builds Docker images for the various Keylime components (the registrar, verifier, tenant and agent), and pushes the images to the GCP container registry.
- kl-vmware-image.pkr.hcl (docs): Packer configuration file for standing up batteries-included containerised developer environments in VMware.
- kl-gce-image.pkr.hcl (docs): Packer configuration file for building VM images for GCP Compute Engine with containers for each of the Keylime components.
- kl-gce-vm.tf (docs): Terraform configuration file for instantiating a VM in GCP from an image built by Packer.
Dockerfiles for each of the Keylime components can be found in the docker directory.
Supporting shell scripts used by the Packer config files are in the helpers directory. Default Packer/Terraform input variable values are in defaults.
- Improve docs.
- Switch to Dockerfiles based on distroless images (e.g., see this PR).
- Use Packer templates to modularise the current Packer config files and improve flexibility for a wider variety of use cases.
PRs welcome. If you wish to make changes to any of the shell scripts in the repo, please check them against ShellCheck.