Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-03-06 05:36:07 -05:00
Code Issues Packages Projects Releases Wiki Activity

update k8s conformance folder to the recent submission

Browse Source
This commit is contained in:
Thomas Tendyck 2022-10-21 14:20:16 +02:00 committed by Thomas Tendyck
parent 6fe750f21b
commit 8b48b1b582
2 changed files with 15 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
conformance/PRODUCT.yaml
View File

@ -1,8 +1,9 @@
vendor: Edgeless Systems vendor: Edgeless Systems
name: Constellation name: Constellation
version: v1.0.0 version: v2.1.0
website_url: https://www.edgeless.systems/products/constellation/ website_url: https://www.edgeless.systems/products/constellation/
documentation_url: https://docs.edgeless.systems/constellation documentation_url: https://docs.edgeless.systems/constellation
product_logo_url: https://docs.edgeless.systems/constellation/img/logos/constellation_white_bg.svg product_logo_url: https://docs.edgeless.systems/constellation/img/logos/constellation_white_bg.svg
repo_url: https://github.com/edgelesssys/constellation
type: distribution type: distribution
description: Constellation creates a confidential Kubernetes cluster. description: Constellation leverages confidential computing to isolate entire Kubernetes clusters from the infrastructure.

30
conformance/README.md
View File

@ -2,22 +2,26 @@
## Prerequisites ## Prerequisites
[Install & configure `gcloud` CLI](https://cloud.google.com/sdk/gcloud) for access to GCP. [Follow the docs on how to set up cloud credentials for GCP](https://docs.edgeless.systems/constellation/getting-started/install#set-up-cloud-credentials)
[Install kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/) for working with Kubernetes [Install kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/) for working with Kubernetes
For more information [follow our documentation.](https://docs.edgeless.systems/constellation/getting-started/install)
Additionally, [Sonobuoy CLI is required.](https://github.com/vmware-tanzu/sonobuoy/releases) Additionally, [Sonobuoy CLI is required.](https://github.com/vmware-tanzu/sonobuoy/releases)
These tests results were produced using Sonobuoy v0.56.4. These tests results were produced using Sonobuoy v0.56.10
## Provision Constellation Cluster ## Provision Constellation Cluster
Tests were made using GCP `n2d-standard-4` VMs. ```sh
constellation config generate gcp
```
Fill the config with the needed values for your cloud subscription.
Set `kubernetesVersion: "1.x"`.
```sh ```sh
constellation create -c 1 -w 2 -y constellation config fetch-measurements
constellation init constellation create -c3 -w2 -y
constellation init --conformance
export KUBECONFIG="$PWD/constellation-admin.conf" export KUBECONFIG="$PWD/constellation-admin.conf"
``` ```
@ -49,16 +53,6 @@ cat plugins/e2e/results/global/junit_01.xml
# Remove test deployments # Remove test deployments
sonobuoy delete --wait sonobuoy delete --wait
# Or, shutdown cluster # Or, shutdown cluster
./constellation terminate constellation terminate
rm constellation-mastersecret.base64 rm constellation-mastersecret.base64
``` ```
## Run CIS Benchmark Tests
```sh
# Runs for <1 min.
sonobuoy run --plugin https://raw.githubusercontent.com/vmware-tanzu/sonobuoy-plugins/master/cis-benchmarks/kube-bench-plugin.yaml --plugin https://raw.githubusercontent.com/vmware-tanzu/sonobuoy-plugins/master/cis-benchmarks/kube-bench-master-plugin.yaml --wait
# ... download & display results.
outfile=$(sonobuoy retrieve)
sonobuoy results $outfiles
```