1d1df07770
* add local osv db client Signed-off-by: Spencer Schrock <sschrock@google.com> * enable osv experiment in cron release test Signed-off-by: Spencer Schrock <sschrock@google.com> --------- Signed-off-by: Spencer Schrock <sschrock@google.com> |
||
|---|---|---|
| .. | ||
| auth.yaml | ||
| cii.yaml | ||
| controller.release.yaml | ||
| controller.yaml | ||
| README.md | ||
| transfer-raw.yaml | ||
| transfer.release-raw.yaml | ||
| transfer.release.yaml | ||
| transfer.yaml | ||
| webhook.release.yaml | ||
| worker.release.yaml | ||
| worker.yaml | ||
Applying changes to the openssf cluster
Currently there is no automation to sync changes to these files to the GKE cluster.
Changes must be manually applied with kubectl by a user with permissions to modify the cluster.
Before committing any changes, it is recommended to check your YAML files for errors with yamllint. To check all YAML files in this directory, run:
yamllint -d relaxed .
Note: relaxed is a more tolerant, predefined config which ignores things like line length.
Installing kubectl
Follow instructions
here
to configure kubectl and set the default cluster.
The cluster name is openssf which is in zone us-central1-c.
Uploading a cronjob/pod configuration file
- Verify you're working on the
openssfcluster withkubectl config current-context - Run
kubectl apply -f FILENAMEto apply a new configuration
Creating or updating the ConfigMap using the config.yaml file
We use ConfigMaps to store our config file (cron/config/config.yaml).
The file can be created for the first time, or updated, with the same command:
kubectl create configmap scorecard-config --from-file=config.yaml -o yaml --dry-run=client | kubectl apply -f -
Accessing the config.yaml through ConfigMap
The ConfigMap is then volume mounted, so the config file is accessible by any cronjob that specifies the mounting in its yaml.