Cluster Management

You can quickly bind existing policy frameworks to different clusters using the Shipa GitHub Actions integration.

cluster:
  name: cluster-name
  endpoint:
    addresses: ["https://111.111.111:6443"]
    caCert: ./cert.crt
    token: ./token
  resources:
    frameworks:
      name: ["policy1", "policy2"]

Cluster Specification

Component path: cluster

Component

Type

Description

name

string

The name of the cluster that will be used as the identifier when binding it to Shipa.

The cluster name used here does not need to match the actual cluster name.

Required: Yes

endpoint

endpoint

The Kubernetes cluster API address, token, and certificate that Shipa should use when connecting with the cluster.

Required: Yes

resources

resources

The policy frameworks that should be connected to this cluster

Required: Yes

Endpoint

Component path: cluster > endpoint

Component

Type

Description

addresses

string

The Kubernetes cluster API address that Shipa should use when connecting to the cluster.

You can find detailed information on how to find your cluster information here

Required: Yes

caCert

file path

The path to the CA Cert file that should be used by Shipa when connecting to the cluster API

You can find detailed information on how to find your cluster CA Cert information here

Required: Yes

token

file path

The Shipa admin account token that was previously added to your cluster so Shipa can successfully connect to it.

You can find detailed information on how to create a service account for Shipa in your cluster here

Required: Yes

File Format

CA Cert

Shipa expects your CA Cert file to have the following content format:

-----BEGIN CERTIFICATE-----
cert content
-----END CERTIFICATE-----

Token

Shipa expects your Token file to have the following content format:

XXXxxxxxxxxxXXxXXxXXXxx

Policy Frameworks

Component path: cluster > resources > frameworks

Component

Type

Description

name

string

The name of the policy frameworks that should be bound to the cluster.

Required: Yes


Did this page help you?