1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-01-20 18:52:16 +00:00
kyverno/scripts
shuting c0f32d9807
cherry-pick #6030 (#6034)
Signed-off-by: ShutingZhao <shuting@nirmata.com>

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2023-01-19 09:03:55 +01:00
..
config cherry-pick #6030 (#6034) 2023-01-19 09:03:55 +01:00
labs/argocd chore: bump kyverno version in argo lab (#5482) 2022-11-26 14:02:25 +00:00
boilerplate.go.txt feat: enable autogen from makefile (#4467) 2022-09-01 14:14:56 +08:00
create-e2e-infrastruture.sh [Feature] Pin Dependencies by Hash (#5168) 2022-11-07 08:59:26 +00:00
deploy-controller-debug.sh remove extra line for local debug 2019-07-03 14:11:18 -07:00
deploy-controller.sh refactor: shell to prevent globbing and word splitting (#3829) 2022-05-07 16:46:50 +01:00
generate-self-signed-cert-and-k8secrets-debug.sh Restructure project to follow standards (#2632) 2021-10-29 18:13:20 +02:00
generate-self-signed-cert-and-k8secrets.sh refact:update script of generate-self-signed-cert-and-k8secrets.sh to supports custom namespace (#4758) 2022-10-03 18:21:46 +05:30
generate-server-cert.sh refactor: shell to prevent globbing and word splitting (#3829) 2022-05-07 16:46:50 +01:00
README.md 420 init container (#501) 2019-11-18 11:41:37 -08:00
verify-deployment.sh tighten and clarify Kyverno roles and permissions (#2799) 2021-12-10 04:34:06 +00:00

Use these scripts to prepare the controller for work. All these scripts should be launched from the root folder of the project.

generate-server-cert.sh

Generates TLS certificate and key that used by webhook server. Example: scripts/generate-server-cert.sh --service=kyverno-svc --namespace=my_namespace --serverIp=192.168.10.117

  • --service identifies the service for in-cluster webhook server. Do not specify it if you plan to run webhook server outside the cluster, or cpecify 'localhost' if you want to run controller locally.
  • --namespace identifies the namespace for in-cluster webhook server. Do not specify it if you plan to run controller locally.
  • --serverIp is the IP of master node, it can be found in ~/.kube/config: clusters.cluster[0].server. You should explicitly specify it.

deploy-controller.sh

Prepares controller for free (local) or in-cluster use. Uses generate-server-cert.sh inside and has the same parameters with almost same meaning:

  • --service - the name of the service which will be created for the controller. Use 'localhost' value to deploy controller locally. The default is 'kube-policu-svc'
  • --namespace - the target namespace to deploy the controller. Do not specify it if you want to depoloy controller locally.
  • --serverIp means the same as for generate-server-cert.sh Examples: scripts/deploy-controller.sh --service=my-kyverno --namespace=my_namespace --serverIp=192.168.10.117 - deploy controller to the cluster with master node '192.168.10.117' to the namespace 'my_namespace' as a service 'my-kyverno' scripts/deploy-controller.sh --service=localhost --serverIp=192.168.10.117 - deploy controller locally for usage in cluster with master node at '192.168.10.117'

update-codegen.sh

Generates additional code for controller object. You should resolve all dependencies before using it, see main Readme for details.