The Anchore Engine Operator provides an easy way to deploy the Anchore Engine Helm chart to Kubernetes clusters.
This Operator is based on the official Helm Chart.
The Makefile will install the Operator SDK and kustomize for you.
Install kubectl.
You will need a running Kubernetes cluster to install Anchore Engine using this Operator.
To stand up an Anchore Engine deployment on your cluster using the engine-operator, issue the follow command:
make install
make deployTo delete the Anchore Engine deployment and the engine-operator from your cluster, issue the follow command:
make uninstall
make undeploy-
Install or update the Operator SDK CLI tool
-
Copy the latest anchore-engine Helm chart to
helm-charts/anchore-engine -
Update
config/manager/manager.yamlENV variables with images used by the current anchore-engine helm chart... env: - name: RELATED_IMAGE_ANCHORE_ENGINE value: docker.io/anchore/anchore-engine:v0.10.0 - name: RELATED_IMAGE_ANCHORE_POSTGRESQL value: docker.io/postgres:9.6.18
-
Update
config/manager/manager_redhat_patch.yamlENV variables with the current images pushed up to the RedHat image repository... env: - name: RELATED_IMAGE_ANCHORE_ENGINE value: registry.connect.redhat.com/anchore/engine0:v0.10.0-r0 - name: RELATED_IMAGE_ANCHORE_POSTGRESQL value: registry.redhat.io/rhel8/postgresql-96:latest
-
Update all resource with the latest operator-sdk version
-
Update
Dockerfilewith latest helm-operator image (matching the version of the operator-sdk used to update the Operator)FROM quay.io/operator-framework/helm-operator:<LATEST_VERSION>
-
Update
scorecard/patches/[basic.config.yaml][olm.config.yaml]with latest scorecard-test image (matching the version of the operator-sdk used to update the Operator)image: quay.io/operator-framework/scorecard-test:<LATEST_VERSION>
-
Implement all required changes for the sdk version upgrade (as well as previous versions if upgrading multiple versions) - Upgrade SDK Version
-
-
Update
Makefilewith current Operator versionVERSION ?= 1.0.0 -
Update
Dockerfilewith the current Operator versionLABEL name="Anchore Engine Operator" \ vendor="Anchore Inc." \ maintainer="dev@anchore.com" \ version="v1.0.0" \
-
Create a new Operator bundle and image, then push them to DockerHub & RedHat OperatorHub
make docker-build make docker-push make docker-push-redhat make docker-bundle-build make docker-bundle-push
-
Commit all changes & push to remote branch for PR
Install the following:
make test-
Login using
kubeadminand the password fromcrc startstdout -
Navigate to Operators -> Install Operators -> Anchore Engine Operator
-
Deploy an instance of anchore-engine from the Anchore Engine OperatorG
- Under
Provided APIsclick theCreate Instancebutton - Add labels or update the name as needed
- If you want to customize the anchore-engine deployment, use a YAML spec and add custom values
- click the
Createbutton
- Under
-
Ensure that anchore-engine deployed correctly by checking the status of all pods under the
Resourcestab -
Port forward anchore-engine API pod & check anchore-engine status
kubectl port-forward svc/anchoreengine-sample-anchore-engine-api 8228:8228 ANCHORE_CLI_PASS=$(kubectl get secret anchoreengine-sample-anchore-engine-admin-pass -o 'go-template={{index .data "ANCHORE_ADMIN_PASSWORD"}}' | base64 -D -) anchore-cli system status
unset OPERATOR_TEST_MODE
make clean
crc stop
crc delete- Sometimes the helm deployment can fail, this creates a situation where the anchoreengine.charts.anchore.io CR is stuck and cannot be deleted. To delete a stuck
anchoreengine-sampleCR run the following command:
kubectl patch anchoreengines.charts.anchore.io anchoreengine-sample -p '{"metadata":{"finalizers":[]}}' --type=mergegolang Operator Lifecycle Manager Operator SDK crc OpenShift CLI (oc) kustomize kubectl