Skip to content

trustification/trustify-helm-charts

BranchesTags

Repository files navigation

Deploying Trustify using Helm

From a local checkout

From a local copy of the repository, execute one of the following deployments.

Minikube

Create a new cluster:

minikube start --cpus 8 --memory 24576 --disk-size 20gb --addons ingress,dashboard

Create a new namespace:

kubectl create ns trustify

Use it as default:

kubectl config set-context --current --namespace=trustify

Evaluate the application domain and namespace:

NAMESPACE=trustify
APP_DOMAIN=.$(minikube ip).nip.io

Install the infrastructure services:

helm upgrade --install --dependency-update -n $NAMESPACE infrastructure charts/trustify-infrastructure --values values-minikube.yaml --set-string keycloak.ingress.hostname=sso$APP_DOMAIN --set-string appDomain=$APP_DOMAIN

Then deploy the application:

helm upgrade --install -n $NAMESPACE trustify charts/trustify --values values-minikube.yaml --set-string appDomain=$APP_DOMAIN

Kind

Create a new cluster:

kind create cluster --config kind/config.yaml
kubectl apply -f https://kind.sigs.k8s.io/examples/ingress/deploy-ingress-nginx.yaml

The rest works like the minikube approach. The APP_DOMAIN is different though:

APP_DOMAIN=.$(kubectl get node kind-control-plane -o jsonpath='{.status.addresses[?(@.type == "InternalIP")].address}' | awk '// { print $1 }').nip.io

CRC

Create a new cluster:

crc start --cpus 8 --memory 32768 --disk-size 80

Create a new namespace:

oc new-project trustify

Evaluate the application domain and namespace:

NAMESPACE=trustify
APP_DOMAIN=-$NAMESPACE.$(oc -n openshift-ingress-operator get ingresscontrollers.operator.openshift.io default -o jsonpath='{.status.domain}')

Provide the trust anchor:

oc get secret -n openshift-ingress router-certs-default -o go-template='{{index .data "tls.crt"}}' | base64 -d > tls.crt
oc create configmap crc-trust-anchor --from-file=tls.crt -n trustify
rm tls.crt

Deploy the infrastructure:

helm upgrade --install --dependency-update -n $NAMESPACE infrastructure charts/trustify-infrastructure --values values-ocp-no-aws.yaml --set-string keycloak.ingress.hostname=sso$APP_DOMAIN --set-string appDomain=$APP_DOMAIN

Deploy the application:

helm upgrade --install -n $NAMESPACE trustify charts/trustify --values values-ocp-no-aws.yaml --set-string appDomain=$APP_DOMAIN --values values-crc.yaml

OpenShift with AWS resources

Instead of using Keycloak and the filesystem storage, it is also possible to use AWS Cognito and S3.

Deploy only the application:

helm upgrade --install -n $NAMESPACE trustify charts/trustify --values values-ocp-aws.yaml --set-string appDomain=$APP_DOMAIN

From a released chart

Instead of using a local checkout, you can also use a released chart.

Note

You will still need a "values" files, providing the necessary information. If you don't clone the repository, you'll need to create a value yourself.

For this, you will need to add the following repository:

helm repo add trustify https://trustification.io/trustify-helm-charts/

And then, modify any of the previous helm commands to use:

helm […] --devel trustify/<chart> […]

About

Helm charts for Trustify

www.trustification.io/trustify-helm-charts/

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

7 watching

Forks

1 fork
Report repository

Releases 7

trustify-0.1.0-alpha.28 Latest
Nov 27, 2024
+ 6 releases

Packages

No packages published

Languages