diff --git a/.github/workflows/pipeline.yaml b/.github/workflows/pipeline.yaml
new file mode 100644
index 0000000..8679422
--- /dev/null
+++ b/.github/workflows/pipeline.yaml
@@ -0,0 +1,36 @@
+on:
+ push:
+ branches: [ datree ]
+ pull_request:
+ branches: [ datree ]
+
+env:
+ DATREE_TOKEN: ${{ secrets.DATREE_TOKEN }}
+
+jobs:
+ k8sPolicyCheck:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: checkout
+ uses: actions/checkout@v2
+ - name: run datree policy check
+ uses: datreeio/action-datree@main
+ with:
+ path: 'kubernetes/datree/example/deployment.yaml'
+ cliArguments: '--only-k8s-files'
+ - name: docker login
+ env:
+ DOCKER_USER: ${{ secrets.DOCKER_USER }}
+ DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+ run: |
+ docker login -u $DOCKER_USER -p $DOCKER_PASSWORD
+ - name: build
+ run: |
+ docker build ./c# -t aimvector/csharp:1.0.0
+ - name: push
+ run: |
+ docker push aimvector/csharp:1.0.0
+ - name: deploy
+ run: |
+ echo 'deploying...'
\ No newline at end of file
diff --git a/kubernetes/datree/README.md b/kubernetes/datree/README.md
index fc2e0e6..8ddf93e 100644
--- a/kubernetes/datree/README.md
+++ b/kubernetes/datree/README.md
@@ -12,6 +12,8 @@ Let's run a small Alpine linux container
docker run -it -v ${PWD}:/work -v ${HOME}/.kube/:/root/.kube/ -w /work --net host alpine sh
```
+### Install some dependancies
+
Let's install `curl` and `unzip` because the installation script uses those.
We will also install `sudo` since we are running in a container as root and install scripts have `sudo` commands in them.
@@ -19,12 +21,15 @@ We will also install `sudo` since we are running in a container as root and inst
apk add curl unzip bash sudo
```
+### Automatic Installation
+
We can install the latest version of Datree with the command advertised:
```
curl https://get.datree.io | /bin/bash
```
+### Manual Installation
Or we can grab a specific version of `datree` on the GitHub releases page.
For example: [1.5.20](https://github.com/datreeio/datree/releases/tag/1.5.20) binary
@@ -63,10 +68,10 @@ Use "datree [command] --help" for more information about a command.
```
-## Test Kubernetes Manifests
+## Testing Kubernetes Manifests
We have a number of Kubernetes manifests in this repo.
-Datree does a few things for us.
+Datree does a few things for us:
* YAML validation ( Is this YAML well formatted ? )
* Schema validation. ( Is this a Kubernetes YAML file ? For the right version ? )
* Policy checks ( Checks YAML to ensure good practises are followed )
@@ -150,11 +155,9 @@ Checkout the link to access the UI which helps us manage our policies.
## Policy examples
One of the key features about policies is that we can apply rule sets for specific environments.
-Perhaps you have a development environment where policies are a little loose and a staging server that
-has tighter restrictions to match production, or even a regulated environment that has very tight controls.
+Perhaps you have a development environment where policies are a little loose and a staging server that has tighter restrictions to match production, or even a regulated environment that has very tight controls.
We can use the Datree UI to create policies with different sets of rules.
-
We can then tell `datree` about the policy we want it to test against:
```
@@ -332,7 +335,7 @@ Fetching resources, this may take some time depending on the amount of resources
| Total rules skipped | 0 |
| Total rules failed | 0 |
| Total rules passed | 21 |
-| See all rules in policy | https://app.datree.io/login?t=bkVXgLsNQQ1F58hbu7tceE |
+| See all rules in policy | https://app.datree.io/login?t=xxxxxxxxxxxxxxxxxxxxxx |
+-----------------------------------+------------------------------------------------------+
The following cluster resources in namespace 'examples' were checked:
@@ -374,8 +377,8 @@ helm datree test example-app \
## Kustomize
-What if I don't use `helm` and use `kustomize` ?
-Datree has out the box built in `kustomize` support
+What if I don't use `helm` and use `kustomize` instead ?
+Datree has out the box built-in `kustomize` support
Let's test our `kustomize` template from a video I did on `kustomize`
```
diff --git a/kubernetes/datree/github-actions/datree.yaml b/kubernetes/datree/github-actions/datree.yaml
index d6b6026..8679422 100644
--- a/kubernetes/datree/github-actions/datree.yaml
+++ b/kubernetes/datree/github-actions/datree.yaml
@@ -1,22 +1,36 @@
-on:
- push:
- branches: [ datree ]
- pull_request:
- branches: [ datree ]
-
-env:
- DATREE_TOKEN: ${{ secrets.DATREE_TOKEN }}
-
-jobs:
- k8sPolicyCheck:
- runs-on: ubuntu-latest
-
- steps:
- - name: Checkout
- uses: actions/checkout@v2
-
- - name: Run Datree Policy Check
- uses: datreeio/action-datree@main
- with:
- path: 'kubernetes/tutorials/basics/yaml/*'
- cliArguments: '--only-k8s-files'
\ No newline at end of file
+on:
+ push:
+ branches: [ datree ]
+ pull_request:
+ branches: [ datree ]
+
+env:
+ DATREE_TOKEN: ${{ secrets.DATREE_TOKEN }}
+
+jobs:
+ k8sPolicyCheck:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: checkout
+ uses: actions/checkout@v2
+ - name: run datree policy check
+ uses: datreeio/action-datree@main
+ with:
+ path: 'kubernetes/datree/example/deployment.yaml'
+ cliArguments: '--only-k8s-files'
+ - name: docker login
+ env:
+ DOCKER_USER: ${{ secrets.DOCKER_USER }}
+ DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+ run: |
+ docker login -u $DOCKER_USER -p $DOCKER_PASSWORD
+ - name: build
+ run: |
+ docker build ./c# -t aimvector/csharp:1.0.0
+ - name: push
+ run: |
+ docker push aimvector/csharp:1.0.0
+ - name: deploy
+ run: |
+ echo 'deploying...'
\ No newline at end of file