|
4 | 4 |
|
5 | 5 | ### Prerequisites |
6 | 6 |
|
7 | | -#### Golang |
| 7 | +#### Golang |
8 | 8 |
|
9 | | -The operator is written in Golang. |
10 | | -To build the operator you will need to install [Go](https://golang.org/). |
| 9 | +The operator is written in Golang. To build the operator you will need to install [Go](https://golang.org/). |
11 | 10 |
|
12 | 11 | #### Minikube or Kind |
13 | 12 |
|
14 | | -For local development we recommend to use [Minikube](https://kubernetes.io/docs/tasks/tools/install-minikube/) or [kind](https://github.com/kubernetes-sigs/kind). If you are using MacOS or Windows you can also use the kubernetes cluster included within Docker for Mac/Windows. |
15 | | -All of these tools will enable you to run a local kubernetes cluster on your development machine. |
| 13 | +For local development we recommend to use [Minikube](https://kubernetes.io/docs/tasks/tools/install-minikube/) or [kind](https://github.com/kubernetes-sigs/kind). If you are using MacOS or Windows you can also use the kubernetes cluster included within Docker for Mac/Windows. All of these tools will enable you to run a local kubernetes cluster on your development machine. |
16 | 14 |
|
17 | | -#### Operating your local kubernetes cluster |
| 15 | +#### Operating Your Local Kubernetes Cluster |
18 | 16 |
|
19 | | -To operate your (local) kubernetes cluster you will need to install [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) and [helm](https://helm.sh/) |
| 17 | +To operate your (local) Kubernetes cluster you will need to install [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) and [helm](https://helm.sh/) |
| 18 | + |
| 19 | +#### macOS |
| 20 | + |
| 21 | +For macOs simply use [Homebrew](https://brew.sh/) to install all the tools: |
| 22 | + |
| 23 | +```bash |
| 24 | +brew cask install docker |
| 25 | +brew install go helm |
| 26 | +``` |
| 27 | + |
| 28 | +After that start the `Docker.app` and go to it's settings and start Kubernetes. |
20 | 29 |
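Review bot: The macOS block's `brew install go helm` leaves out kubectl, which the paragraph directly above names as required alongside helm; add it to the brew line or say where kubectl comes from on macOS. In the same block, "For macOs" should match the heading's "macOS", "it's settings" should be "its settings", and the kubectl/helm sentence still ends without a period.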
|
21 | 30 | #### Minio |
22 | 31 |
|
23 | 32 | For your local development you will need a S3 compatible storage. |
24 | | -We would recommend to use [Minio](https://min.io/download#/) inside a podman or docker container. |
| 33 | +We would recommend to use [Minio](https://min.io/download#/) inside a Podman or docker container. |
| 34 | + |
| 35 | +##### If You Want to Use Podman |
25 | 36 |
|
26 | 37 | ```bash |
27 | | -# if you want to use podman |
28 | | -$ podman run --name minio -p 9000:9000 minio/minio server /data |
29 | | -# if you want to use docker |
30 | | -$ docker run --name minio -p 9000:9000 minio/minio server /data |
| 38 | +podman run \ |
| 39 | + --name minio \ |
| 40 | + -p 9000:9000 \ |
| 41 | + minio/minio \ |
| 42 | + server /data |
31 | 43 | ``` |
32 | 44 |
|
33 | | -In the Minio management GUI you will need to add a new bucket for the operator. |
34 | | -The default credentials for your minio instance are *minioadmin:minioadmin*. |
35 | | -You might change those. |
| 45 | +##### If You Want to Use Docker |
| 46 | + |
| 47 | +```bash |
| 48 | +docker container run \ |
| 49 | + --name minio \ |
| 50 | + -p 9000:9000 \ |
| 51 | + -d \ |
| 52 | + --rm \ |
| 53 | + minio/minio \ |
| 54 | + server /data |
| 55 | +``` |
36 | 56 |
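Review bot: Both container commands publish with `-p 9000:9000`, which binds Minio on every interface of the development machine while the following paragraph says the instance still uses the default `minioadmin:minioadmin` credentials. Since `S3_ENDPOINT` is now `127.0.0.1:9000`, publishing as `-p 127.0.0.1:9000:9000` would keep the instance reachable only from the local host. The Docker variant also gained `-d` and `--rm` while the Podman one did not, so the two behave differently (detached and removed on stop vs. foreground and kept); make them match or explain the difference.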
|
37 | | -After setting up your bucket you will need to specify some environment variables to enable the operator to use the bucket. |
38 | | -You could add these to your *.bashrc* or *.zshrc* as well. |
| 57 | +In the Minio management GUI you will need to add a new bucket for the operator. The default credentials for your minio instance are `minioadmin:minioadmin`. You might change those. Go to the management UI at <http://localhost:9000/> and add a new bucket. After creating your bucket you will need to specify some environment variables to enable the operator to use the bucket. For that export these variables: |
39 | 58 |
|
40 | 59 | ```bash |
41 | | -$ export S3_ACCESS_KEY="your-minio-access-key" |
42 | | -$ export S3_SECRET_KEY="your-minio-secret-key" |
43 | | -$ export S3_BUCKET="name-of-your-bucket" |
44 | | -$ export S3_USE_SSL="false" # This ensures that the operator will connect even without HTTPS |
45 | | -$ export S3_ENDPOINT="<your.local.ip1address>:9000/" |
| 60 | +export S3_ACCESS_KEY="your-minio-access-key" |
| 61 | +export S3_SECRET_KEY="your-minio-secret-key" |
| 62 | +export S3_BUCKET="name-of-your-bucket" |
| 63 | +export S3_USE_SSL="false" # This ensures that the operator will connect even without HTTPS |
| 64 | +export S3_ENDPOINT="127.0.0.1:9000" |
46 | 65 | ``` |
47 | 66 |
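Review bot: The merged paragraph before the export block now tells the reader to add a bucket twice ("you will need to add a new bucket for the operator" and "Go to the management UI ... and add a new bucket"); keep one instruction and lead with the UI URL. "You might change those" is also vague as credentials guidance: state whether the defaults are acceptable for this local setup or should be changed, and note next to the `S3_ACCESS_KEY` / `S3_SECRET_KEY` placeholders that with the defaults both values are `minioadmin`.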
|
48 | | -### Build and run the operator |
| 67 | +You can save time by using [direnv](https://direnv.net/) to export these variables in your project. If you use direnv just add a file `.s3_credentials` with your Minio credentials. |
| 68 | + |
| 69 | +### Build and Run the Operator |
49 | 70 |
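Review bot: The direnv sentence introduces a `.s3_credentials` file without saying what it contains or how it gets loaded, and nothing in this change says the file is kept out of version control. Document the expected format (presumably the same `export S3_...` lines as in the block above), mention the `.envrc` that is expected to read it, and confirm the file is listed in `.gitignore` so Minio keys are not committed.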
|
50 | | -To build an run the operator you can simply execute *make* in the *operator* directory of this repository. |
| 71 | +To build an run the operator you can simply execute `make` in the `operator` directory of this repository: |
51 | 72 |
|
52 | 73 | ```bash |
53 | | -$ make |
| 74 | +cd operator |
| 75 | +make |
54 | 76 | ``` |
55 | 77 |
|
56 | | -To run the operator locally you can simply execute *make run* |
| 78 | +This will produce the operator as `bin/manager`. If you wonder why the operator is named _manager_ (the resulting binary). The reason for that is in Kubernetes a combination of more than one _controller_ is called _controller-manager_ or short _manager_. In contrast _operator_ is created by the community to name a _controller-manager_ which controls _custom resources_ and hence we use _custom resources_. (see <https://book.kubebuilder.io/> for further information) |
| 79 | + |
| 80 | +To run the operator locally you can simply execute `make run` in the `operator` directory of this repository: |
57 | 81 |
|
58 | | -*NOTICE:* You will need to uninstall the operator from your local cluster first or it will result in undefined behavior! |
| 82 | +*NOTICE:* You will need to uninstall the operator with `helm -n securecodebox-system uninstall securecodebox-operator` from your local cluster, if you've installed it via helm. Unless both operators try to work on the same cluster which may cause unexpected behavior. |
59 | 83 |
|
60 | 84 | ```bash |
61 | | -$ make run |
| 85 | +cd operator |
| 86 | +make run |
62 | 87 | ``` |
63 | 88 |
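Review bot: The rewritten NOTICE reads backwards: "Unless both operators try to work on the same cluster" should be "Otherwise both operators ...". It also now sits between the sentence ending in "`make run` in the `operator` directory of this repository:" and the code block that colon introduces, so move the NOTICE above that sentence or below the block. Smaller points in the same region: "To build an run" is still missing the "d", and "If you wonder why the operator is named _manager_ (the resulting binary)." is a fragment that should be joined to the sentence after it.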
|
64 | | -## How to a new security scanner |
| 89 | +## How to a New Security Scanner |
65 | 90 |
|
66 | 91 | ### ScanType Definition |
67 | 92 |
|
68 | 93 | ### Parsing SDK |
69 | 94 |
|
70 | | -## How to integrate a new hook |
| 95 | +## How to Integrate a New Hook |
71 | 96 |
|
72 | 97 | ### HookType Definition |
73 | 98 |
|
74 | 99 | ### Hook SDK |
75 | 100 |
|
76 | | -# Guidelines |
| 101 | +## Guidelines |
77 | 102 |
|
78 | | -## Coding Guidelines |
| 103 | +### Coding Guidelines |
79 | 104 |
|
80 | | -### JSON |
| 105 | +#### JSON |
81 | 106 |
|
82 | | -We're using snake_case (lower case) for json attributes. If an enum type is used as attribute its converted to lower case. If it's an value it's always used UPPERCASE. This is to hold the attribute api consistent, but make shure Enums are recognized as enums. |
| 107 | +We're using snake_case (lower case) for json attributes. If an enum type is used as attribute its converted to lower case. If it's an value it's always used UPPERCASE. This is to hold the attribute api consistent, but make sure Enums are recognized as enums. |
83 | 108 |
|
84 | 109 | ```json |
85 | 110 | { |
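Review bot: The heading "How to a New Security Scanner" was only re-capitalised and is still missing its verb (compare "How to Integrate a New Hook" two headings later). In the JSON paragraph the change fixes "shure" but leaves "its converted" (should be "it's") and "an value" (should be "a value"); since the line is being touched anyway, fix those too. The demotion of "Guidelines" from `#` to `##` and its children by one level looks intentional, but check that any links to the old anchors still resolve.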
|