robusta icon indicating copy to clipboard operation
robusta copied to clipboard
verified publisher icon robusta-dev

Gitops Documentation and Instructions lacking

Open seanfariacustomink opened this issue 3 years ago • 2 comments

Is your feature request related to a problem? Robusta was denied by the team since the app generates ssh-keys.

Describe the solution you'd like I found this thread and the documentation needs to be updated https://github.com/robusta-dev/robusta/issues/307

Describe alternatives you've considered Don't use SSH keys since this is a huge security concern

Additional context Add any other context or screenshots about the feature request here.

seanfariacustomink avatar Dec 19 '22 20:12 seanfariacustomink

@seanfariacustomink , Thanks for the feedback it helps us improve.

Could you elaborate a bit more on your use case? Do you intend to push your values.yaml file to git? and are you referring to the RSA keys in that file?

We will update the docs in the coming days.

RoiGlinik avatar Dec 20 '22 07:12 RoiGlinik

@seanfariacustomink , To my understanding you want remove the RSA values from the Robusta configuration (generated_values.yaml, for gitops purposes) and use them as secrets

The process is as follows:

  1. Back up the generated_values.yaml of prod.

  2. Delete the “rsa” section from the generated_values.yaml in prod, and run helm upgrade robusta robusta/robusta -f generated_values.yaml ( you can now commit it without the keys)

  3. Create a “Secret” for the RSA file, that looks like this:

apiVersion: v1
kind: Secret
metadata:
  name: robusta-auth-config-secret
  namespace: <robusta-namespace>
type: Opaque
data:
  prv: <prv-you-copied>
  pub: <pub-you-copied>
  1. Restart robusta-runner deployment / pod.
  2. Make sure it works by opening the Robusta UI, choosing one of the Apps -> Pods

RoiGlinik avatar Dec 26 '22 09:12 RoiGlinik