Cluster Management
You can quickly bind existing policy frameworks to different clusters using the Shipa GitHub Actions integration.
cluster:
name: cluster-name
endpoint:
addresses: ["https://111.111.111:6443"]
caCert: ./cert.crt
token: ./token
resources:
frameworks:
name: ["policy1", "policy2"]
Cluster Specification
Component path: cluster
Component | Type | Description |
---|---|---|
name | string | The name of the cluster that will be used as the identifier when binding it to Shipa. The cluster name used here does not need to match the actual cluster name. Required: Yes |
endpoint | endpoint | The Kubernetes cluster API address, token, and certificate that Shipa should use when connecting with the cluster. Required: Yes |
resources | resources | The policy frameworks that should be connected to this cluster Required: Yes |
Endpoint
Component path: cluster > endpoint
Component | Type | Description |
---|---|---|
addresses | string | The Kubernetes cluster API address that Shipa should use when connecting to the cluster. You can find detailed information on how to find your cluster information here Required: Yes |
caCert | file path | The path to the CA Cert file that should be used by Shipa when connecting to the cluster API You can find detailed information on how to find your cluster CA Cert information here Required: Yes |
token | file path | The Shipa admin account token that was previously added to your cluster so Shipa can successfully connect to it. You can find detailed information on how to create a service account for Shipa in your cluster here Required: Yes |
File Format
CA Cert
Shipa expects your CA Cert file to have the following content format:
-----BEGIN CERTIFICATE-----
cert content
-----END CERTIFICATE-----
Token
Shipa expects your Token file to have the following content format:
XXXxxxxxxxxxXXxXXxXXXxx
Policy Frameworks
Component path: cluster > resources > frameworks
Component | Type | Description |
---|---|---|
name | string | The name of the policy frameworks that should be bound to the cluster. Required: Yes |
Updated about 1 year ago