Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Palette CLI Encryption #5213

Merged
merged 10 commits into from
Jan 6, 2025
Merged

Palette CLI Encryption #5213

Show file tree
Hide file tree
Changes from 9 commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
a865831
docs: PLT-1516
karl-cardenas-coding Jan 2, 2025
7007a08
Merge branch 'release-4-5-c' into PLT-1516
karl-cardenas-coding Jan 2, 2025
4c55769
docs: updated commands. PDE is wip
karl-cardenas-coding Jan 2, 2025
d7d96ad
docs: updated all CLI commands
karl-cardenas-coding Jan 3, 2025
ad175ad
docs: update PCG section
karl-cardenas-coding Jan 3, 2025
1e04206
docs: updated self-hosted install guides
karl-cardenas-coding Jan 3, 2025
dda330b
docs: vale corrections
karl-cardenas-coding Jan 3, 2025
a22bdef
docs: apply suggestions from code review
karl-cardenas-coding Jan 6, 2025
ab2cd5e
docs: Apply suggestions from code review
karl-cardenas-coding Jan 6, 2025
f8e1eb5
ci: auto-formatting prettier issues
karl-cardenas-coding Jan 6, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions docs/docs-content/automation/palette-cli/commands/commands.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,15 @@ Palette CLI supports the following global flags.
| `-l` | `--log-level` | Log level. Allowed values: `panic` `fatal` `error` `warn` `info` `debug` `trace` (default `info`) | string |
| `-w` | `--workspace` | Workspace location for staging runtime configurations and logs (default `$HOME/.palette`) | string |

## Environment Variables

The Palette CLI supports the following environment variables.

| Variable Name | Description | Type |
| ----------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ |
| `DISABLE_KIND_CLUSTER_CHECK` | If set to `true,` the Palette CLI will not check for existing kind clusters or whether the deployed kind cluster is up and active. | bool |
| `PALETTE_ENCRYPTION_PASSWORD` | The encryption passphrase Palette CLI will use to encrypt sensitive data. The passphrase must between 8 to 32 characters long with a capital letter, a lower letter, a digit and a special character. | string |

## Resources

- [Docs](docs.md)
Expand Down
24 changes: 15 additions & 9 deletions docs/docs-content/automation/palette-cli/commands/ec.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,11 @@ The `ec` command exposes the following subcommand.
- Docker is required to install a PCG cluster. Refer to the [Docker](https://docs.docker.com/get-docker/) documentation
to learn how to install Docker on your system.

- You must provide an encryption passphrase to secure sensitive data. The passphrase must be between 8 to 32 characters
long and contain a capital letter, a lowercase letter, a digit, and a special character. You can provide the
passphrase through the `PALETTE_ENCRYPTION_PASSWORD` environment variable or the `-k` or `--encryption-passphrase`
flag. Refer to the [Encryption](./../palette-cli.md#encryption) section for more information on encryption.

## Install

The `install` subcommand installs a Palette Enterprise Cluster in your target environment. You can install Palette or
Expand All @@ -37,15 +42,16 @@ you for required values. Alternatively, you can use flags to generate a configur

<br />

| Short Flag | Long Flag | Description | Type |
| ---------- | ---------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
| `-f` | `--config-file` | Install using a configuration file (optional). Use `-config-only` to generate a configuration file. | string |
| `-d` | `--skip-teardown` | Skip tear down of the kind cluster in case of errors. | boolean |
| `-o` | `--config-only` | Generate configuration file only. This command will not proceed with installation. | boolean |
| `-v` | `--custom-values-file` | Enterprise Cluster custom values.yaml configuration file (optional). Use this to customize the cluster profile of the Enterprise Cluster. Refer to the [custom value file](#custom-value-file) section for more information. | string |
| `-p` | `--update-passwords` | Update passwords only. Do not proceed with installation. The `--config-file` flag must also be provided. | string |
| `-t` | `--update-tokens` | Update authentication tokens only. Do not proceed with installation. The `--config-file` flag must be provided. | boolean |
| - | `--validate` | Scan the environment and conduct validation before the enterprise cluster is installed. | boolean |
| Short Flag | Long Flag | Description | Type |
| ---------- | ------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
| `-f` | `--config-file` | Install using a configuration file (optional). Use `-config-only` to generate a configuration file. | string |
| `-d` | `--skip-teardown` | Skip teardown of the kind cluster in case of errors. | boolean |
karl-cardenas-coding marked this conversation as resolved.
Show resolved Hide resolved
| `-k` | `--encryption-passphrase` | Encryption passphrase to secure sensitive data. The passphrase must be between 8 to 32 characters long and contain a capital letter, a lowercase letter, a digit, and a special character. Can be set through the environment variable `PALETTE_ENCRYPTION_PASSWORD`. Refer to the [Encryption](./../palette-cli.md#encryption) section for more information on encryption. | string |
| `-o` | `--config-only` | Generate configuration file only. This command will not proceed with installation. | boolean |
| `-v` | `--custom-values-file` | Enterprise cluster custom values.yaml configuration file (optional). Use this to customize the cluster profile of the enterprise cluster. Refer to the [custom value file](#custom-value-file) section for more information. | string |
| `-p` | `--update-passwords` | Update passwords only. Do not proceed with installation. The `--config-file` flag must also be provided. | string |
| `-t` | `--update-tokens` | Update authentication tokens only. Do not proceed with installation. The `--config-file` flag must be provided. | boolean |
| - | `--validate` | Scan the environment and conduct validation before the enterprise cluster is installed. | boolean |

### Examples

Expand Down
18 changes: 13 additions & 5 deletions docs/docs-content/automation/palette-cli/commands/import.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,13 +23,21 @@ imported clusters.

- Ensure you have `admin` or `cluster-admin` permissions on the cluster you are importing.

- You must log in to Palette using the `login` command before importing clusters.

- You must provide an encryption passphrase to secure sensitive data. The passphrase must be between 8 to 32 characters
long and contain a capital letter, a lowercase letter, a digit, and a special character. You can provide the
passphrase through the `PALETTE_ENCRYPTION_PASSWORD` environment variable or the `-k` or `--encryption-passphrase`
flag. Refer to the [Encryption](./../palette-cli.md#encryption) section for more information on encryption.

<br />

| **Long Flag** | **Description** | **Type** |
| ------------------ | ---------------------------------------------------------------------------- | -------- |
| `--kubeconfig` | Path to the kubeconfig for the cluster you would like to import (optional) | string |
| `--kubeconfig-dir` | Path to directory containing kubeconfigs for one or more clusters (optional) | string |
| `--uuid` | If true, a partial UUID is appended to each cluster name (optional) | boolean |
| **Short Flag** | **Long Flag** | **Description** | **Type** |
| -------------- | -------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- |
| `-k` | `---encryption-passphrase` | Encryption passphrase to secure sensitive data. The passphrase must be between 8 to 32 characters long and contain a capital letter, a lowercase letter, a digit, and a special character. Can be set through the environment variable `PALETTE_ENCRYPTION_PASSWORD`. Refer to the [Encryption](./../palette-cli.md#encryption) section for more information on encryption. | string |
| - | `--kubeconfig` | Path to the kubeconfig for the cluster you would like to import (optional) | string |
| - | `--kubeconfig-dir` | Path to directory containing kubeconfigs for one or more clusters (optional) | string |
| - | `--uuid` | If true, a partial UUID is appended to each cluster name (optional) | boolean |

:::info

Expand Down
Loading
Loading