See rhtap-cli instead.
This helm chart installs and configures the following projects/products :
| Product | Installation | Configuration |
|---|---|---|
| Developer Hub | Rolled out via Helm Chart | Controlled by the values YAML file. |
| OpenShift GitOps | Operator Subscription |
Controlled by the values YAML file. If a subscription already exists, the installation will not modify it. A new instance ArgoCD will be created. |
| OpenShift Pipelines | Operator Subscription |
Controlled by the values YAML file. If a subscription already exists, the installation will not modify it. In all cases, the TektonConfig will be modified to enable Tekton Chains and the signing secret will be setup. |
| Trusted Artifact Signer | Operator Subscription |
Default operator install & SecureSign instance |
| Trusted Profile Analyzer | Rolled out via Helm Charts tpa-infrastructure and tpa |
Controlled by the values YAML file |
| Quay | (TODO) | |
| Advanced Cluster Security | (TODO) |
Note: If a subscription for an operator already exists, the installation will not tamper with it. Please make sure you're using a supported version of that product. See Compatibility matrix for 1.0.
- Helm CLI.
- An ACS endpoint and the associated API token.
- A GitHub App and its associated information (c.f. Create a Pipelines-as-Code GitHub App).
General- Use placeholder values for
Homepage URL,Callback URLandWebhook URL. - Generate a
Webhook secret.
- Use placeholder values for
Permissions & events- Follow the instructions from the Pipelines-as-Code documentation.
Repository permissionsAdministration:Read and write
- The GitHub App must be installed at the organization/user level.
-
Login to an OpenShift 4.14 cluster.
-
Add the helm repository to your local system:
helm repo add rhtap https://redhat-appstudio.github.io/helm-repositoryIf you've already added this, run a
helm repo updateto pull the latest packages. -
Copy
values.yamltoprivate-values.yaml, and set your configuration parameters. You have the option to usebin/make.sh valuesto generate the configuration YAML. -
Install/upgrade RHTAP
helm upgrade installer rhtap/redhat-trusted-application-pipeline --install --create-namespace --namespace rhtap --timeout 20m --values private-values.yamlSample output:
NAME: installer LAST DEPLOYED: Fri Jan 12 12:21:01 2024 NAMESPACE: rhtap STATUS: deployed REVISION: 1 NOTES: Thank you for installing redhat-trusted-application-pipeline. [...]Run the pipeline to get the configuration information as per the
NOTESsection of the helm output. Use the logs information to finish the setup of the GitHub App:Homepage URL:.pipelines.pipelines-as-code.homepage-urlCallback URL:.pipelines.pipelines-as-code.callback-urlWebhook URL:.pipelines.pipelines-as-code.webhook-url
Note: Uninstalling RHTAP will not unsinstall any operators that were deployed during the installation.
-
Uninstall RHTAP:
./bin/make.sh uninstall --namespace rhtap --app-name installer
If you do not want to use make.sh, perform the following actions:
- Delete all
applicationsCRs from therhtapnamespace. - Uninstall the helm chart:
helm uninstall --namespace rhtap installer. - Delete the rhtap namespace.
- Delete all the deployment namespaces (e.g.
rhtap-app-development,rhtap-app-production,rhtap-app-stage).
Currently unsupported as the user does not have the option to modify the default values.
- Download/Clone this Git Repository:
git clone https://github.com/redhat-appstudio/rhtap-installer. - Install/upgrade the chart on your cluster:
./bin/make.sh apply -- --values private-values.yaml - Run tests:
./test/e2e.sh -- --values private-values.yaml
The CI is controlled by the following repositories:
$ git clone https://github.com/redhat-appstudio/rhtap-installer
$ cd rhtap-installer/bin
$ ./make.sh release