From c604f48335354c3595e4fdaf9bd5b21d26e1aa71 Mon Sep 17 00:00:00 2001 From: Zachariah Dzielinski Date: Mon, 25 Jan 2021 10:59:12 -0700 Subject: [PATCH 1/2] First pass at changing dsop.io to dso.mil --- README.md | 22 +++++++++++----------- chart/values.yaml | 2 +- docs/ELASTIC.md | 2 +- tests/test-values.yml | 2 +- 4 files changed, 14 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index 603828d..67768c4 100644 --- a/README.md +++ b/README.md @@ -34,7 +34,7 @@ brew install kustomize Clone repository ``` -git clone https://repo1.dsop.io/platform-one/apps/twistlock.git +git clone https://repo1.dso.mil/platform-one/apps/twistlock.git cd twstlock ``` @@ -54,7 +54,7 @@ The Variables required are as follows: //Environment $ TWISTLOCK_CONSOLE_USER=Administrator $ TWISTLOCK_CONSOLE_PASSWORD=< my password> -$ TWISTLOCK_EXTERNAL_ROUTE=twistlock.fences.dsop.io +$ TWISTLOCK_EXTERNAL_ROUTE=twistlock.fences.dso.mil $ TWISTLOCK_LICENSE= $ TOKEN= ``` @@ -107,19 +107,19 @@ The "Bearer" token can be found in the twistlock application Manage/Authorizatio ``` //Windows twistcli: -curl --progress-bar -L -k --header "authorization: Bearer $TOKEN" https://twistlock.fences.dsop.io/api/v1/util/windows/twistcli.exe > twistcli.exe; +curl --progress-bar -L -k --header "authorization: Bearer $TOKEN" https://twistlock.fences.dso.mil/api/v1/util/windows/twistcli.exe > twistcli.exe; ``` ``` Linux twistcli: -curl --progress-bar -L -k --header "authorization: Bearer $TOKEN" https://twistlock.fences.dsop.io/api/v1/util/twistcli > twistcli; chmod a+x twistcli; +curl --progress-bar -L -k --header "authorization: Bearer $TOKEN" https://twistlock.fences.dso.mil/api/v1/util/twistcli > twistcli; chmod a+x twistcli; ``` ``` Mac OS twistcli: -curl --progress-bar -L -k --header "authorization: Bearer TOKEN" https://twistlock.fences.dsop.io/api/v1/util/osx/twistcli > twistcli; chmod a+x twistcli; +curl --progress-bar -L -k --header "authorization: Bearer TOKEN" https://twistlock.fences.dso.mil/api/v1/util/osx/twistcli > twistcli; chmod a+x twistcli; ``` #### Install Defender @@ -134,7 +134,7 @@ The following command can be authenticated by TOKEN or Username/Password. ##### Download the daemonset.yaml. The default Image is set to teh Prisma server. We need to pull images from Platform 1. The image URL needs to be changed -##### Image: registry.dsop.io/platform-one/apps/twistlock/defender:20.04.169 +##### Image: registry.dso.mil/platform-one/apps/twistlock/defender:20.04.169 2) Install Defender @@ -190,9 +190,9 @@ Integrating Prisma Cloud with SAML consists of setting up your IdP, then configu The following information is required to setup up Prisma Cloud in Keycloak: * The SSO_URI will be the keycloak SAML URI -SSO_URL= +SSO_URL= * The issuer URL -ISSUER_URL= +ISSUER_URL= * The Client ID. THis is the name of the client in keycloak. For SAML you will need the x509 certificate for this Client CLIENT_ID=il2_twistlock (or whatever your client name) * X590 certificate from the keycloak client install download To imput this into twistlock by teh web page or by the api, be aware teh pem format is strictly enforced. If you are having issues, test the certificate using opensource tools. Ensure there are 3 lines in the cert; BEGIN/CRLF/Cert/CRLF/END @@ -224,9 +224,9 @@ X_509_CERT="just the certificate" 3. Select "SAML" then the enable switch. 4. Open the installation file from keycloak. - a. The Identity Provider SSO is `https://keycloak.fences.dsop.io/auth/realms/your-realm/protocol/saml` - b. The Identity Provider is `https://keycloak.fences.dsop.io/auth/realms/your-realm` - c. The root URL is `https://twistlock.fences.dsop.io` + a. The Identity Provider SSO is `https://keycloak.fences.dso.mil/auth/realms/your-realm/protocol/saml` + b. The Identity Provider is `https://keycloak.fences.dso.mil/auth/realms/your-realm` + c. The root URL is `https://twistlock.fences.dso.mil` 5. Paste the client certificate token in the x509 area. The certificate must be in pem format and include the header and footer. When completed select "Save". diff --git a/chart/values.yaml b/chart/values.yaml index c34ce76..f623052 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -9,7 +9,7 @@ console: hostname: bigbang.dev image: - repository: registry.dsop.io/platform-one/big-bang/apps/security-tools/twistlock/console + repository: registry.dso.mil/platform-one/big-bang/apps/security-tools/twistlock/console tag: 20.04.163 persistence: diff --git a/docs/ELASTIC.md b/docs/ELASTIC.md index 25e7855..1648c7a 100644 --- a/docs/ELASTIC.md +++ b/docs/ELASTIC.md @@ -76,7 +76,7 @@ kubernetes.container_name:twistlock-console ``` ``` -kubernetes.container_name:twistlock-console kubernetes.namespace_name:twistlock stream:stdout log: F  ERRO 2020-07-14T20:01:10.932 kubernetes_profile_resolver.go:38  Failed to fetch Istio resources in 863da02e-15f2-d3da-f74d-0256f77292ad: 1 error occurred: docker.container_id:8303db1aa9e2a694b5db5a454c07127944ee0a4799f3e15f190eaa0eec53ca63 kubernetes.pod_name:twistlock-console-7d77c954d-lnjxp kubernetes.container_image:registry.dsop.io/platform-one/apps/twistlock/console:20.04.169 kubernetes.container_image_id:registry.dsop.io/platform-one/apps/twistlock/console@sha256:db77c64af682161c52da2bbee5fb55f38c0bcd46cacdb4c1148f24d094f18a10 kubernetes.pod_id:c979ebe6-f636-41b8-bfff-eab27fd48692 +kubernetes.container_name:twistlock-console kubernetes.namespace_name:twistlock stream:stdout log: F  ERRO 2020-07-14T20:01:10.932 kubernetes_profile_resolver.go:38  Failed to fetch Istio resources in 863da02e-15f2-d3da-f74d-0256f77292ad: 1 error occurred: docker.container_id:8303db1aa9e2a694b5db5a454c07127944ee0a4799f3e15f190eaa0eec53ca63 kubernetes.pod_name:twistlock-console-7d77c954d-lnjxp kubernetes.container_image:registry.dso.mil/platform-one/apps/twistlock/console:20.04.169 kubernetes.container_image_id:registry.dso.mil/platform-one/apps/twistlock/console@sha256:db77c64af682161c52da2bbee5fb55f38c0bcd46cacdb4c1148f24d094f18a10 kubernetes.pod_id:c979ebe6-f636-41b8-bfff-eab27fd48692 ``` ``` diff --git a/tests/test-values.yml b/tests/test-values.yml index 6ed6d0b..016fd0d 100644 --- a/tests/test-values.yml +++ b/tests/test-values.yml @@ -9,7 +9,7 @@ console: hostname: bigbang.dev image: - repository: registry.dsop.io/platform-one/big-bang/apps/security-tools/twistlock/console + repository: registry.dso.mil/platform-one/big-bang/apps/security-tools/twistlock/console tag: 20.04.163 persistence: -- GitLab From 1526c1031093400558ac38640254c5c8a32e581a Mon Sep 17 00:00:00 2001 From: Zachariah Dzielinski Date: Wed, 27 Jan 2021 15:19:59 -0700 Subject: [PATCH 2/2] Update version --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 48755a2..381d4f4 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v2 name: twistlock -version: 0.0.2-bb.0 +version: 0.0.2-bb.1 appVersion: 20.04.163 \ No newline at end of file -- GitLab