This repository has been archived by the owner on Nov 5, 2023. It is now read-only.

A Carvel package providing a set of reusable blueprints to build Kubernetes-native paved paths to production using Cartographer.


ThomasVitale/cartographer-blueprints

Cartographer Blueprints


Warning: This package has been archived. Cartographer blueprints are now included in the cartographer-supply-chains package.

A Carvel package providing a set of reusable blueprints to build Kubernetes-native paved paths to production using Cartographer.

It includes blueprints to deal with several activities like source code watching, testing, building, scanning, configuring, delivering, and deploying.

🚀 Getting Started

Prerequisites

  • Kubernetes 1.26+

  • Carvel kctrl CLI.

  • Carvel kapp-controller deployed in your Kubernetes cluster. You can install it with Carvel kapp (recommended choice) or kubectl.

    kapp deploy -a kapp-controller -y \
      -f https://github.com/carvel-dev/kapp-controller/releases/latest/download/release.yml

Dependencies

Cartographer Blueprints requires the Cartographer, Tekton Pipelines and Tekton Catalog packages. You can install them from the Kadras package repository.

Installation

Add the Kadras package repository to your Kubernetes cluster:

kctrl package repository add -r kadras-packages \
  --url ghcr.io/kadras-io/kadras-packages \
  -n kadras-packages --create-namespace

Installation without package repository

The recommended way of installing the Cartographer Blueprints package is via the Kadras package repository. If you prefer not to use the repository, you can add the package definition directly using kapp or kubectl.

kubectl create namespace kadras-packages
kapp deploy -a cartographer-blueprints-package -n kadras-packages -y \
  -f https://github.com/kadras-io/cartographer-blueprints/releases/latest/download/metadata.yml \
  -f https://github.com/kadras-io/cartographer-blueprints/releases/latest/download/package.yml

Install the Cartographer Blueprints package:

kctrl package install -i cartographer-blueprints \
  -p cartographer-blueprints.packages.kadras.io \
  -v ${VERSION} \
  -n kadras-packages

Note: You can find the ${VERSION} value by retrieving the list of package versions available in the Kadras package repository installed on your cluster.

kctrl package available list -p cartographer-blueprints.packages.kadras.io -n kadras-packages

Verify the installed packages and their status:

kctrl package installed list -n kadras-packages

📙 Documentation

Documentation, tutorials and examples for this package are available in the docs folder. For documentation specific to Cartographer, check out cartographer.sh.

The package provides several blueprints to design paths to production on Kubernetes using Cartographer.

Source (Flux)

  • supplychain-source-template: it uses Flux to keep track of application changes to a Git or OCI repository and make the source available internally in the cluster.

Image (kpack)

  • kpack-template: it uses kpack, Cloud Native Buildpacks, and Paketo to transform application source code into a production-ready container image.

Test (Tekton)

  • tekton-test-source-template: it runs an instance of a Tekton pipeline to test the application source code.

Scan (Grype and Trivy)

  • tekton-scan-image-template: it provides a template to scan container images with Tekton and the configured vulnerability scanner.
  • tekton-scan-source-template: it provides a template to scan application source code with Tekton and the configured vulnerability scanner.

Conventions (Cartographer)

  • convention-template: it applies configuration and best practices to workloads at runtime by understanding the developer's intent, using Cartographer Conventions.

Configuration (Carvel)

  • knative-config-template: it uses Carvel kapp to package and configure the application as a Knative Service.

Promotion (Tekton)

  • tekton-write-config-template: it provides a template to publish deployment configuration to a container registry or Git repository for promotion to a specific environment.
  • tekton-write-config-and-pr-template: it provides a template to publish deployment configuration to a Git repository for promotion to a specific environment via a pull request.

Deliverable (Carvel and Flux)

  • deliverable-carvel-app-config-template: it uses Carvel to generate a deliverable resource (App) for deploying the application on a Kubernetes cluster.
  • deliverable-flux-kustomization-template: it uses Flux to generate a deliverable resource (GitRepository and Kustomization) for deploying the application on a Kubernetes cluster.

Deploy (Carvel)

  • app-local-deployment-template: it runs an application packaged as a Carvel App from local configuration.
  • app-gitops-deployment-template: it runs an application packaged as a Carvel App from remote configuration (Git or OCI registry), based on either Carvel or Flux.

🎯 Configuration

The Cartographer Blueprints package can be customized via a values.yml file.

excluded_blueprints:
  - "knative-config-template"

Reference the values.yml file from the kctrl command when installing or upgrading the package.

kctrl package install -i cartographer-blueprints \
  -p cartographer-blueprints.packages.kadras.io \
  -v ${VERSION} \
  -n kadras-packages \
  --values-file values.yml

Values

The Cartographer Blueprints package has the following configurable properties.

Configurable properties
Config | Default | Description
excluded_blueprints | [] | A list of blueprints to exclude from being created in the cluster.
tekton_catalog_namespace | tekton-catalog | The namespace where the Tekton Catalog package has been installed.
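
A pre-install lint for the values.yml described above, as an added example that is not part of the package: it checks each excluded_blueprints entry against the blueprint names listed in the Documentation section and flags exclusion of the scan templates. The function names and exit codes are this example's own conventions.

```shell
#!/usr/bin/env bash
# Added example: lint values.yml before passing it to kctrl --values-file.
# Blueprint names below are copied from the Documentation section of this page.
KNOWN_BLUEPRINTS="supplychain-source-template kpack-template
tekton-test-source-template tekton-scan-image-template
tekton-scan-source-template convention-template knative-config-template
tekton-write-config-template tekton-write-config-and-pr-template
deliverable-carvel-app-config-template deliverable-flux-kustomization-template
app-local-deployment-template app-gitops-deployment-template"

# Print the entries of excluded_blueprints, one per line.
# Assumes the block-list layout shown on this page, not flow style "[a, b]".
excluded_entries() {
  awk '
    /^excluded_blueprints:/ { inlist = 1; next }
    inlist && /^[ \t]*-[ \t]*/ {
      sub(/^[ \t]*-[ \t]*/, ""); sub(/[ \t]*(#.*)?$/, ""); gsub(/"/, "")
      print; next
    }
    inlist && /^[^ \t#]/ { inlist = 0 }
  ' "$1"
}

# Exit codes (this example's own convention): 0 clean, 1 unknown name,
# 2 a scan blueprint is excluded and will not be created in the cluster.
lint_values() {
  lint_rc=0
  known=" $(echo $KNOWN_BLUEPRINTS) "
  for name in $(excluded_entries "$1"); do
    case "$known" in
      *" $name "*) ;;
      *) echo "unknown blueprint: $name" >&2; lint_rc=1 ;;
    esac
    case "$name" in
      tekton-scan-*)
        echo "warning: $name is excluded" >&2
        if [ "$lint_rc" -eq 0 ]; then lint_rc=2; fi ;;
    esac
  done
  return "$lint_rc"
}

# Run against a file when one is given on the command line.
[ $# -eq 0 ] || lint_values "$1"
```
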

🛡️ Security

The security process for reporting vulnerabilities is described in SECURITY.md.

🖊️ License

This project is licensed under the Apache License 2.0. See LICENSE for more information.

🙏 Acknowledgments

This package is inspired by:
