This is a modified upstream chart. Custom templates and values are added to support SSO, VirtualServices, and other Big Bang features.
This is a modified upstream chart. Custom templates and values are added to support SSO, VirtualServices, Ironbank images, and other Big Bang features.
Temporarily the subchart dependency for redis is downloaded as a tar archive in the chart/charts/ directory. This should be replaced by a Big Bang package.
Temporarily the subchart dependencies for postgres and redis are downloaded under the `dependencies` folder. These should be replaced by Big Bang packages in the future.
To update the redis dependency:
To update the dependency tgz(s) under the `chart/charts` folder:
```
```
helm dependency update
helm dependency update chart
```
```
To deploy Anchore apart from Umbrella:
To deploy Anchore apart from Umbrella:
...
@@ -19,12 +19,6 @@ To delete Anchore when deployed this way:
...
@@ -19,12 +19,6 @@ To delete Anchore when deployed this way:
helm delete anchore -n anchore
helm delete anchore -n anchore
```
```
## Initial admin login
## Usage
The initial admin login is user ```admin```. The password is available in the values file, defaulted to ```foobar```.
For additional details on using this chart, view the README under the `chart` folder. It provides details on installation along with values that are important to update.
## Deployment
For production deployments you must externalize Postgres. See the `values.yaml` file section `postgresql` for more details.
If using the Anchore UI you must also externalize Redis. See the `values.yaml` file section `anchore-ui-redis` for more details.
For a prod environment it is important to externalize the dependency on postgres. See below for values to include for externalizing this. Since some of these values are sensitive they should be added to your encrypted `secrets.enc.yaml` file. (Do not duplicate anything above "postgresql:" that is included simply for guidance on where to place these values.)
For a prod environment it may be desired to externalize the dependency on postgres. See below for values to include for externalizing this. Since some of these values are sensitive they should be added to your encrypted `secrets.enc.yaml` file. (Do not duplicate anything above "postgresql:" that is included simply for guidance on where to place these values.)
```yaml
```yaml
stringData:
stringData:
...
@@ -124,7 +124,7 @@ addons:
...
@@ -124,7 +124,7 @@ addons:
At this point you can also include other values to customize your install. For a prod environment it is important to externalize your dependencies (such as postgres for feeds and redis for the UI). Also make sure that you have externalized the main postgres instance as described in the above "Install with Umbrella" section. Since these include sensitive values make sure the sensitive values are included in your `secrets.enc.yaml` rather than the unencrypted `configmap.yaml`.
At this point you can also include other values to customize your install. For a prod environment it is important to externalize your dependencies (such as postgres for feeds and redis for the UI). Also make sure that you have externalized the main postgres instance as described in the above "Install with Umbrella" section. Since these include sensitive values make sure the sensitive values are included in your `secrets.enc.yaml` rather than the unencrypted `configmap.yaml`.
If you plan to make use of the Enterprise Feeds Service, externalize that postgres config as well. You should be able to use a separate database in the same instance:
If you plan to make use of the Enterprise Feeds Service, you may wish to externalize that postgres as well. You should be able to use a separate database in the same instance:
```yaml
```yaml
stringData:
stringData:
...
@@ -140,7 +140,7 @@ stringData:
...
@@ -140,7 +140,7 @@ stringData:
postgresDatabase: "databaseName"
postgresDatabase: "databaseName"
```
```
If you plan to use the UI you will also need to externalize your Redis instance:
If you plan to use the UI you may want to externalize your Redis instance:
```yaml
```yaml
stringData:
stringData:
...
@@ -155,7 +155,7 @@ stringData:
...
@@ -155,7 +155,7 @@ stringData:
## Installing on OpenShift
## Installing on OpenShift
The upstream chart READMEs provide additional details on how to deploy to OpenShift. Necessary values are also included in the values file in this repo.
The [upstream chart README](https://github.com/anchore/anchore-charts/tree/master/stable/anchore-engine#installing-on-openshift) provides additional details on how to deploy to OpenShift. Necessary values are also included in the values file in this repo.
@@ -5,6 +5,7 @@ This repo contains Big Bang's implementation of Anchore. This includes the upstr
...
@@ -5,6 +5,7 @@ This repo contains Big Bang's implementation of Anchore. This includes the upstr
## Other Docs
## Other Docs
-[Metrics](./metrics.md)
-[Metrics](./metrics.md)
-[Big Bang Modifications](./BBCHANGES.md)
# Structure
# Structure
...
@@ -21,7 +22,3 @@ The docs folder provides documentation from Big Bang about usage and features of
...
@@ -21,7 +22,3 @@ The docs folder provides documentation from Big Bang about usage and features of
## Tests
## Tests
The tests folder contains all tests and additional dependencies (test values, etc) needed for executing tests in the CI pipeline.
The tests folder contains all tests and additional dependencies (test values, etc) needed for executing tests in the CI pipeline.
# TODOs
1. The Postgres and Redis images being used are not from IronBank. There appears to be an issue using the IronBank Postgres image for Anchore - this needs more investigation. In addition, the Redis image being pulled from the upstream Helm chart is several versions beyond what IronBank contains.
