racer159 / uds-core Goto Github PK

View Code? Open in Web Editor NEW

This project forked from defenseunicorns/uds-core

0.0 1.0 0.0 323 KB

A secure runtime platform for mission-critical capabilities

License: Apache License 2.0

TypeScript 55.66% JavaScript 0.37% Smarty 43.96%

uds-core's Introduction

Unicorn Delivery Service - Core (UDS Core)

Warning

UDS Core is in early alpha and is not ready for general use.

UDS Core groups foundational Unicorn Delivery Service applications that are heavily influenced Big Bang.

The core applications are:

Authservice - Authorization
Grafana - Monitoring
Istio - Service Mesh
KeyCloak - Identity & Access Management
Kiali - Service Mesh Observability
Kyverno - Policy Engine
Loki - Log Aggregation
Metrics Server - Metrics
Neuvector - Container Security
Prometheus Stack - Monitoring
Promtail - Log Aggregation
Tempo - Tracing
Velero - Backup & Restore

Prerequisites

Dependency	Minimum Version
Zarf	0.31.1
UDS CLI	0.4.1
NodeJS	LTS or Current

Users

Quickstart

A common need is bootstrapping a new UDS Core environment for development or testing. The commands below will deploy the latest version of UDS Core. See the remaining sections for more details on the different bundles and packages available.

# ARM version
uds deploy oci://ghcr.io/defenseunicorns/packages/uds/bundles/k3d-core:arm64

# AMD version
uds deploy oci://ghcr.io/defenseunicorns/packages/uds/bundles/k3d-core:amd64

The bundle includes the uds.dev certs by default. You can use the UDS environment variables to override the default values. E.g.

# Set environment variables with the contents of your certificate and key files
UDS_ADMIN_TLS_CERT=$(cat admin.crt)
UDS_ADMIN_TLS_KEY=$(cat admin.key)
UDS_TENANT_TLS_CERT=$(cat tenant.crt)
UDS_TENANT_TLS_KEY=$(cat tenant.key)

# AMD version
uds deploy ocs://ghcr.io/defenseunicorns/package/uds/bundles/k3d-core:amd64

UDS Core Packages

UDS core publishes two packages:

core: The standard UDS Core package that is a collection of individual packages that are deployed as a single unit.
core-istio: The UDS Core Istio package that only deploys Istio.

UDS Core Bundles

These bundles are intended for bootstrapping common development & testing environments and should not be used for production. They also serve as examples to create custom bundles.

k3d-core: A bundle to create a local k3d cluster with UDS Core installed.
k3d-core-istio: A bundle to create a local k3d cluster with only Istio from UDS Core installed.

Development: Create, build, and test the UDS Core Package

For complete testing, we test against a UDS Bundle that uses a locally-built Zarf package. Manually testing against the packages found under /packages is also possible using the zarf command.

Create, build, and test the UDS Core Package

uds run test-uds-core

Working with an individual package

The individual packages that make up UDS Core are broken down in src/, the commands below can be used to work with them individually in development.

Create, build, and test a single package (e.g. Neuvector)

UDS_PKG=neuvector uds run test-single-package

To build a single package (e.g. Neuvector)

UDS_PKG=neuvector uds run create-single-package

To deploy a single built package (e.g. Neuvector)

UDS_PKG=neuvector uds run deploy-single-package

To test a single package already deployed (e.g. Neuvector)

uds run -f src/neuvector/tasks/validate.yaml run

uds-core's People

Contributors

Watchers

uds-core's Issues

Renovate Dashboard 🤖

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Rate-Limited

These updates are currently rate-limited. Click on a checkbox below to force their creation now.

Warning

Renovate failed to look up the following dependencies: Failed to look up docker package registry1.dso.mil/ironbank/tetrate/istio/pilot, Failed to look up docker package registry1.dso.mil/ironbank/tetrate/istio/proxyv2, Failed to look up docker package registry1.dso.mil/ironbank/opensource/grafana/loki, Failed to look up docker package registry1.dso.mil/ironbank/opensource/nginx/nginx-alpine, Failed to look up docker package ironbank/neuvector/neuvector/scanner, Failed to look up docker package ironbank/big-bang/base, Failed to look up docker package registry1.dso.mil/ironbank/opensource/prometheus/alertmanager, Failed to look up docker package registry1.dso.mil/ironbank/opensource/kubernetes/kube-state-metrics, Failed to look up docker package registry1.dso.mil/ironbank/opensource/prometheus/prometheus, Failed to look up docker package registry1.dso.mil/ironbank/opensource/prometheus/node-exporter, Failed to look up docker package registry1.dso.mil/ironbank/opensource/ingress-nginx/kube-webhook-certgen, Failed to look up docker package registry1.dso.mil/ironbank/opensource/prometheus-operator/prometheus-operator, Failed to look up docker package registry1.dso.mil/ironbank/opensource/prometheus-operator/prometheus-config-reloader, Failed to look up docker package registry1.dso.mil/ironbank/opensource/grafana/promtail, Failed to look up docker package registry1.dso.mil/ironbank/opensource/jimmidyson/configmap-reload.

Files affected: src/istio/values/registry1-values.yaml, src/loki/values/registry1-values.yaml, src/neuvector/values/registry1-values.yaml, src/prometheus-stack/values/registry1-values.yaml, src/promtail/values/registry1-values.yaml, src/prometheus-stack/zarf.yaml

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

Detected dependencies

github-actions

.github/actions/save-logs/action.yaml

actions/upload-artifact v3.1.3@a8a3f3ad30e3422c9c7b888a15615d19a852ae32

.github/actions/setup/action.yaml

defenseunicorns/setup-zarf main

actions/setup-node v4.0.0@8f152de45cc393bb48ce5d89d36b731f54556e65

Homebrew/actions master

.github/workflows/commitlint.yaml

actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11

actions/setup-node v4.0.0@8f152de45cc393bb48ce5d89d36b731f54556e65

.github/workflows/pull-request-conditionals.yaml

actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11

dorny/paths-filter v2

.github/workflows/tag-and-release.yml

google-github-actions/release-please-action v3

actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11

docker/login-action v3

.github/workflows/test.yaml

actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11

helm-values

src/grafana/values/values.yaml

ghcr.io/kiwigrid/k8s-sidecar 1.25.2

src/istio/values/registry1-values.yaml

registry1.dso.mil/ironbank/tetrate/istio/pilot 1.19.3-tetratefips-v0

registry1.dso.mil/ironbank/tetrate/istio/proxyv2 1.19.3-tetratefips-v0

registry1.dso.mil/ironbank/tetrate/istio/proxyv2 1.19.3-tetratefips-v0

src/loki/values/registry1-values.yaml

registry1.dso.mil/ironbank/opensource/grafana/loki 2.9.2

registry1.dso.mil/ironbank/opensource/nginx/nginx-alpine 1.25.2

src/neuvector/values/registry1-values.yaml

ironbank/neuvector/neuvector/scanner 5

ironbank/big-bang/base 2.1.0

src/prometheus-stack/values/registry1-values.yaml

registry1.dso.mil/ironbank/opensource/prometheus/alertmanager v0.26.0

registry1.dso.mil/ironbank/opensource/kubernetes/kube-state-metrics v2.10.1

registry1.dso.mil/ironbank/opensource/prometheus/prometheus v2.47.2

registry1.dso.mil/ironbank/opensource/prometheus/node-exporter v1.6.1

registry1.dso.mil/ironbank/opensource/ingress-nginx/kube-webhook-certgen v1.3.0

registry1.dso.mil/ironbank/opensource/prometheus-operator/prometheus-operator v0.69.1

registry1.dso.mil/ironbank/opensource/prometheus-operator/prometheus-config-reloader v0.69.1

src/promtail/values/registry1-values.yaml

registry1.dso.mil/ironbank/opensource/grafana/promtail v2.9.2

registry1.dso.mil/ironbank/opensource/jimmidyson/configmap-reload v0.8.0

kubernetes

src/grafana/chart/templates/networkpolicies/default-deny-all.yaml

NetworkPolicy networking.k8s.io/v1

src/grafana/chart/templates/networkpolicies/egress-grafana.yaml

NetworkPolicy networking.k8s.io/v1

src/grafana/chart/templates/networkpolicies/egress-istiod.yaml

NetworkPolicy networking.k8s.io/v1

src/grafana/chart/templates/networkpolicies/egress-tempo.yaml

NetworkPolicy networking.k8s.io/v1

src/grafana/chart/templates/networkpolicies/ingress-istio.yaml

NetworkPolicy networking.k8s.io/v1

src/grafana/chart/templates/networkpolicies/ingress-tempo.yaml

NetworkPolicy networking.k8s.io/v1

src/grafana/chart/templates/networkpolicies/namespace-allow.yaml

NetworkPolicy networking.k8s.io/v1

src/loki/chart/templates/networkpolicies/allow-sidecar-scraping.yaml

NetworkPolicy networking.k8s.io/v1

src/loki/chart/templates/networkpolicies/default-deny-all.yaml

NetworkPolicy networking.k8s.io/v1

src/loki/chart/templates/networkpolicies/egress-dns.yaml

NetworkPolicy networking.k8s.io/v1

src/loki/chart/templates/networkpolicies/egress-external-services.yaml

NetworkPolicy networking.k8s.io/v1

src/loki/chart/templates/networkpolicies/egress-istiod.yaml

NetworkPolicy networking.k8s.io/v1

src/loki/chart/templates/networkpolicies/egress-tempo.yaml

NetworkPolicy networking.k8s.io/v1

src/loki/chart/templates/networkpolicies/ingress-monitoring.yaml

NetworkPolicy networking.k8s.io/v1

src/loki/chart/templates/networkpolicies/ingress-ns.yaml

NetworkPolicy networking.k8s.io/v1

src/loki/chart/templates/networkpolicies/ingress-promtail.yaml

NetworkPolicy networking.k8s.io/v1

src/neuvector/chart/templates/network-policies/default-deny-all.yaml

NetworkPolicy networking.k8s.io/v1

src/neuvector/chart/templates/network-policies/egress-dns.yaml

NetworkPolicy networking.k8s.io/v1

src/neuvector/chart/templates/network-policies/egress-istiod.yaml

NetworkPolicy networking.k8s.io/v1

src/neuvector/chart/templates/network-policies/egress-kube-api.yaml

NetworkPolicy networking.k8s.io/v1

NetworkPolicy networking.k8s.io/v1

src/neuvector/chart/templates/network-policies/ingress-istio.yaml

NetworkPolicy networking.k8s.io/v1

src/neuvector/chart/templates/network-policies/ingress-monitoring.yaml

NetworkPolicy networking.k8s.io/v1

src/neuvector/chart/templates/network-policies/ingress-sidecar-monitoring.yaml

NetworkPolicy networking.k8s.io/v1

src/neuvector/chart/templates/network-policies/namespace-allow.yaml

NetworkPolicy networking.k8s.io/v1

src/promtail/chart/templates/networkpolicies/allow-loki-egress-promtail.yaml

NetworkPolicy networking.k8s.io/v1

src/promtail/chart/templates/networkpolicies/allow-to-istiod-promtail.yaml

NetworkPolicy networking.k8s.io/v1

src/promtail/chart/templates/networkpolicies/default-deny-promtail.yaml

NetworkPolicy networking.k8s.io/v1

src/promtail/chart/templates/networkpolicies/egress-api.yaml

NetworkPolicy networking.k8s.io/v1

src/promtail/chart/templates/networkpolicies/egress-dns-promtail.yaml

NetworkPolicy networking.k8s.io/v1

src/promtail/chart/templates/networkpolicies/egress-tempo-promtail.yaml

NetworkPolicy networking.k8s.io/v1

src/promtail/chart/templates/networkpolicies/ingress-egress-namespace-promtail.yaml

NetworkPolicy networking.k8s.io/v1

src/promtail/chart/templates/networkpolicies/ingress-scraping-promtail.yaml

NetworkPolicy networking.k8s.io/v1

src/promtail/chart/templates/networkpolicies/ingress-sidecar-scraping-promtail.yaml

NetworkPolicy networking.k8s.io/v1

src/test/app-admin.yaml

Deployment apps/v1

src/test/app-tenant.yaml

Deployment apps/v1

npm

package.json

pepr 0.18.1

@jest/globals 29.7.0

jest 29.7.0

ts-jest 29.1.1

typescript 5.2.2

node >=18.0.0

regex

.github/actions/setup/action.yaml

.vscode/settings.json

defenseunicorns/uds-cli v0.4.1

defenseunicorns/uds-cli v0.4.1

defenseunicorns/zarf v0.31.1

.github/workflows/commitlint.yaml

@commitlint/config-conventional 18.6.0

@commitlint/cli 18.6.0

.github/actions/setup/action.yaml

defenseunicorns/zarf v0.31.1

bundles/k3d-istio/uds-bundle.yaml

defenseunicorns/uds-k3d 0.2.1

defenseunicorns/zarf v0.31.1

bundles/k3d-standard/uds-bundle.yaml

defenseunicorns/uds-k3d 0.2.1

defenseunicorns/zarf v0.31.1

tasks/setup.yaml

defenseunicorns/uds-k3d 0.2.1-multi

.github/actions/setup/action.yaml

defenseunicorns/uds-cli 0.4.1

src/grafana/zarf.yaml

docker.io/grafana/grafana 10.1.5

docker.io/curlimages/curl 7.85.0

docker.io/library/busybox 1.31.1

ghcr.io/kiwigrid/k8s-sidecar 1.25.2

src/istio/zarf.yaml

docker.io/istio/pilot 1.19.3-distroless

docker.io/istio/proxyv2 1.19.3-distroless

src/loki/zarf.yaml

docker.io/grafana/loki 2.9.2

docker.io/nginxinc/nginx-unprivileged 1.24-alpine

src/metrics-server/zarf.yaml

registry.k8s.io/metrics-server/metrics-server v0.6.4

src/neuvector/zarf.yaml

docker.io/neuvector/controller 5.2.3

docker.io/neuvector/manager 5.2.3

docker.io/neuvector/enforcer 5.2.3

src/prometheus-stack/zarf.yaml

quay.io/prometheus/node-exporter v1.6.1

quay.io/prometheus-operator/prometheus-operator v0.69.1

registry.k8s.io/kube-state-metrics/kube-state-metrics v2.10.1

quay.io/prometheus/alertmanager v0.26.0

quay.io/prometheus-operator/prometheus-config-reloader v0.69.1

quay.io/prometheus/prometheus v2.47.2

registry.k8s.io/ingress-nginx/kube-webhook-certgen v20221220-controller-v1.5.1-58-g787ea74b6

registry1.dso.mil/ironbank/opensource/prometheus/node-exporter v1.6.1

registry1.dso.mil/ironbank/opensource/prometheus-operator/prometheus-operator v0.68.0

registry1.dso.mil/ironbank/opensource/kubernetes/kube-state-metrics v2.10.0

registry1.dso.mil/ironbank/opensource/prometheus/alertmanager v0.26.0

registry1.dso.mil/ironbank/opensource/prometheus-operator/prometheus-config-reloader v0.68.0

registry1.dso.mil/ironbank/opensource/prometheus/prometheus v2.47.0

registry1.dso.mil/ironbank/opensource/ingress-nginx/kube-webhook-certgen v1.3.0

src/promtail/zarf.yaml

docker.io/jimmidyson/configmap-reload v0.8.0

docker.io/grafana/promtail 2.9.2

src/grafana/zarf.yaml

grafana 7.0.6

src/istio/zarf.yaml

base 1.19.3

istiod 1.19.3

gateway 1.19.3

gateway 1.19.3

gateway 1.19.3

src/loki/zarf.yaml

loki 5.36.3

src/metrics-server/zarf.yaml

metrics-server 3.11.0

src/neuvector/zarf.yaml

crd 2.6.5

core 2.6.5

monitor 2.6.5

src/prometheus-stack/zarf.yaml

prometheus-operator-crds 7.0.0

kube-prometheus-stack 54.0.1

src/promtail/zarf.yaml

promtail 6.15.3

bundles/k3d-istio/uds-bundle.yaml

ghcr.io/defenseunicorns/packages/uds-k3d 0.2.1

ghcr.io/defenseunicorns/packages/init v0.31.1

bundles/k3d-standard/uds-bundle.yaml

ghcr.io/defenseunicorns/packages/uds-k3d 0.2.1

ghcr.io/defenseunicorns/packages/init v0.31.1

Check this box to trigger a request for Renovate to run again on this repository

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.