Skip to content
/ demo Public

This repository contains Terraform to stand up Rode along with a Jenkins instance and sample pipeline to demonstrate or evaluate Rode functionality.

License

Notifications You must be signed in to change notification settings

rode/demo

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

57 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Rode Demo

This repository contains a demo / example of Rode's functionality.

Included in the repo is a /tf folder that includes the necessary Terraform automation to deploy the services required to run Rode.

This demo sets up a Jenkins CI server that will have a job pointed at the Rode Demo App, which is a sample hello-world node app based on an Alpine image with two known medium vulnerabilities.

Simply change the base image in the Dockerfile to node:current-alpine3.12, to resolve the vulnerabilities.

Prerequisites

  • Terraform >= 0.13.0
  • Terragrunt
  • A Kubernetes cluster (the cluster that comes with Docker Desktop for Mac is recommended)
  • kubectl

Usage

Local Setup

For local access to Jenkins and Harbor through the created ingress, new entries need to be created inside your local hosts file.

sudo vi /etc/hosts

Copy and paste the lines below to your /etc/hosts file.

127.0.0.1 harbor.localhost
127.0.0.1 jenkins.localhost
127.0.0.1 rode-ui.localhost
127.0.0.1 sonarqube.localhost

Additionally, a rewrite may need to be added to your clusters DNS server to send Harbor traffic through the nginx controller. Automation is in place to update the CoreDNS configmap to include this rewrite, but in the event of a failed image deployment to Harbor inside the cluster, you may look to add the rewrite show below in the data block. (If your cluster is not using CoreDNS, you can disable this automation by setting the variable update_coredns to false. You will need to find another way to direct traffic to Harbor.)

rewrite name harbor.localhost ingress-nginx-controller.nginx.svc.cluster.local

rewrite


To deploy the Rode stack locally, switch to the tf/local directory, then run

terragrunt apply

Retrieving Credentials

Jenkins admin password

To retrieve the Jenkins admin password for authentication use the command below to copy it to your clipboard.

kubectl get secret -n jenkins jenkins -o jsonpath="{.data.jenkins-admin-password}" | base64 --decode | pbcopy

Harbor admin password

To retrieve the Harbor admin password for authentication use the command below to copy it to your clipboard.

kubectl get secret -n rode-demo-harbor harbor-harbor-core -o jsonpath="{.data.HARBOR_ADMIN_PASSWORD}" | base64 --decode | pbcopy

SonarQube admin password

To access the SonarQube instance, retrieve the password by using the following command:

kubectl -n rode-demo-sonarqube get secret sonarqube-admin-credentials -o jsonpath="{.data.password}" | base64 --decode | pbcopy

Pushing Images To Harbor

When running locally using an auto-generated certificate for Harbor, you will need to add Harbor as an insecure Docker registry.

Before pushing an image, you will need to log in to Harbor using the Docker CLI:

$ docker login harbor.localhost -u admin -p ${admin_password}

Then, you can push an image using docker push. We recommend pulling an existing image, tagging it, then pushing it to Harbor:

$ docker pull alpine:latest
$ docker tag alpine:latest harbor.localhost/rode-demo/alpine:latest
$ docker push harbor.localhost/rode-demo/alpine:latest

About

This repository contains Terraform to stand up Rode along with a Jenkins instance and sample pipeline to demonstrate or evaluate Rode functionality.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published