DevFW-CICD/website-and-documentation
23
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Added article about kyverno integration for idpbuilder

Browse source
This commit is contained in:
evdo 2024-10-10 08:35:49 +02:00
parent f6149c748d
commit a4ec27e18d
3 changed files with 46 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
content/en/docs/solution/tools/idpbuilder/installation/_index.md → content/en/docs/solution/tools/idpbuilder/installation/__index.md
View file

@ -348,4 +348,4 @@ Optimizations:
- Remove or configure gitea.cnoe.localtest.me, it seems not to work even in the idpbuilder local installation with KIND.
- Improvements to the idpbuilder to support Kubernetes instances other then KIND. This can either be done by parametrization or by utilizing Terraform / OpenTOFU or Crossplane.
- Improvements to the idpbuilder to support Kubernetes instances other then KIND. This can either be done by parametrization or by utilizing Terraform / OpenTOFU or Crossplane.

45
content/en/docs/solution/tools/idpbuilder/kyverno integration/__index.md Normal file
View file

@ -0,0 +1,45 @@
+++
title = "Kyverno integration"
weight = 4
+++
## Kyverno Overview
Kyverno is a policy engine for Kubernetes designed to enforce, validate, and mutate configurations of Kubernetes resources. It allows administrators to define policies as Kubernetes custom resources (CRDs) without requiring users to learn a new language or system.
### Key Uses
1. **Policy Enforcement**: Kyverno ensures resources comply with security, operational, or organizational policies, such as requiring specific labels, annotations, or resource limits.
2. **Validation**: It checks resources against predefined rules, ensuring configurations are correct before they are applied to the cluster.
3. **Mutation**: Kyverno can automatically modify resources on-the-fly, adding missing fields or values to Kubernetes objects.
4. **Generation**: It can generate resources like ConfigMaps or Secrets automatically when needed, helping to maintain consistency.
Kyverno simplifies governance and compliance in Kubernetes environments by automating policy management and ensuring best practices are followed.
## Prerequisites
Same as for idpbuilder installation
- Docker Engine
- Go
- kubectl
- kind
## Installation
### Build process
For building idpbuilder the source code needs to be downloaded and compiled:
```
git clone https://github.com/cnoe-io/idpbuilder.git
cd idpbuilder
go build
```
### Start idpbuilder
To start the idpbuilder with kyverno integration execute the following command:
```
idpbuilder create --use-path-routing -p https://github.com/cnoe-io/stacks//ref-implementation -p https://github.com/cnoe-io/stacks//kyverno-integration
```
After this step, you can see in ArgoCD that kyverno was installed

BIN
content/en/docs/solution/tools/idpbuilder/kyverno integration/kyverno.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 165 KiB