From cb2d5033c389796b73a8db5b35d88d0540e712c5 Mon Sep 17 00:00:00 2001
From: Danny Gershman
Date: Sat, 2 Aug 2025 17:16:20 -0400
Subject: [PATCH 1/5] initial package creation
---
.claude/settings.local.json | 8 +++
.github/ISSUE_TEMPLATE/tech_debt.md | 2 +-
.github/pull_request_template.md | 2 +-
CLAUDE.md | 71 ++++++++++++++++++++++++
CONTRIBUTING.md | 2 +-
README-template.md | 8 +--
README.md | 6 +-
TODO.md | 20 +++++++
bundle/uds-bundle.yaml | 8 +--
bundle/uds-config.yaml | 2 +-
chart/Chart.yaml | 4 +-
chart/templates/template-sso-secret.yaml | 4 +-
chart/templates/uds-package.yaml | 18 +++---
chart/values.yaml | 8 +--
common/zarf.yaml | 26 ++++-----
docs/configuration.md | 2 +-
docs/justifications.md | 4 +-
renovate.json | 6 +-
tasks/test.yaml | 14 ++---
tests/package-lock.json | 4 +-
tests/package.json | 2 +-
tests/playwright.config.ts | 2 +-
tests/template-application-name.test.ts | 2 +-
values/registry1-values.yaml | 6 +-
zarf.yaml | 50 +++++------------
25 files changed, 178 insertions(+), 103 deletions(-)
create mode 100644 .claude/settings.local.json
create mode 100644 CLAUDE.md
create mode 100644 TODO.md
diff --git a/.claude/settings.local.json b/.claude/settings.local.json
new file mode 100644
index 0000000..f0347f5
--- /dev/null
+++ b/.claude/settings.local.json
@@ -0,0 +1,8 @@
+{
+ "permissions": {
+ "allow": [
+ "Bash(kubectl exec:*)"
+ ],
+ "deny": []
+ }
+}
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/tech_debt.md b/.github/ISSUE_TEMPLATE/tech_debt.md
index ba8259a..7527ace 100644
--- a/.github/ISSUE_TEMPLATE/tech_debt.md
+++ b/.github/ISSUE_TEMPLATE/tech_debt.md
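Review bot: `.claude/settings.local.json` is a per-developer agent settings file, and committing it with `"Bash(kubectl exec:*)"` under `allow` pre-approves every `kubectl exec` invocation for anyone who works from this checkout, against whichever cluster context happens to be active. I would drop the file from the commit and add `.claude/settings.local.json` to `.gitignore`. If a shared allow-list is really intended, it should name the specific namespace and command instead of ending in the `*` wildcard, and the empty `deny` list should carry the cases that must always prompt.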
@@ -10,7 +10,7 @@ assignees: '' A clear and concise description of what should be changed/researched. Ex. This piece of the code is not DRY enough [...] ### Links to any relevant code -(optional) i.e. - https://github.com/uds-packages/uds-package-#TEMPLATE_APPLICATION_NAME#/blob/main/README.md?plain=1#L1 +(optional) i.e. - https://github.com/uds-packages/uds-package-socketzero/blob/main/README.md?plain=1#L1 ### Additional context Add any other context or screenshots about the technical debt here. diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 1731ae7..2e806ac 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -17,4 +17,4 @@ Relates to # ## Checklist before merging - [ ] Test, docs, adr added or updated as needed -- [ ] [Contributor Guide Steps](https://github.com/uds-packages/uds-package-#TEMPLATE_APPLICATION_NAME#/blob/main/CONTRIBUTING.md#developer-workflow) followed +- [ ] [Contributor Guide Steps](https://github.com/uds-packages/uds-package-socketzero/blob/main/CONTRIBUTING.md#developer-workflow) followed diff --git a/CLAUDE.md b/CLAUDE.md new file mode 100644 index 0000000..858ff59 --- /dev/null +++ b/CLAUDE.md 
@@ -0,0 +1,71 @@ +# CLAUDE.md + +This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository. + +## Project Overview + +This is a UDS (Unicorn Delivery Service) package for SocketZero, following the Defense Unicorns UDS package template structure. The package deploys SocketZero application using Zarf and UDS bundle configurations with Helm charts. + +## Development Commands + +Use the UDS CLI with these tasks defined in `tasks.yaml`: + +- `uds run` - Setup k3d cluster and deploy package (default) +- `uds run dev` - Create and deploy bundle on existing cluster (faster iteration) +- `uds run create-dev-package` - Create package with `--skip-sbom` flag +- `uds run test-install` - Test deploying current branch to new cluster +- `uds run test-upgrade` - Test upgrade from latest released package +- `uds run publish-package` - Build, test, and publish packages + +### Testing Commands + +- `uds run test:all` - Run all tests (health check, ingress, UI tests) +- `uds run test:health-check` - Verify SocketZero deployment is available +- `uds run test:ingress` - Check SocketZero UI accessibility at https://socketzero.uds.dev +- `uds run test:ui` - Run Playwright tests in Docker container + +### Package Management + +The repository uses common UDS tasks imported from `uds-common` v1.16.4: +- `create:package`, `create:test-bundle` - Package creation +- `deploy:test-bundle` - Bundle deployment +- `setup:k3d-test-cluster` - Test cluster setup +- `lint`, `pull`, `upgrade`, `compliance` - Standard operations + +## Architecture + +### Package Structure + +- **Root `zarf.yaml`** - Main package definition importing from `common/zarf.yaml` +- **`common/zarf.yaml`** - Core component definition with SocketZero Helm chart +- **`bundle/uds-bundle.yaml`** - UDS bundle for testing with dependencies +- **`chart/`** - UDS Package custom resources (SSO, network policies, virtual services) + +### Key Components + +1. 
**SocketZero Application** - Deployed via Helm chart from https://github.com/radiusmethod/socketzero-helm.git +2. **UDS Package Resource** - Configures SSO integration and network policies in `chart/templates/uds-package.yaml` +3. **Values Files** - Environment-specific configurations in `values/` directory + +### Configuration + +- **SSO Integration** - SAML-based authentication configured in UDS Package spec +- **Network Policies** - Ingress/egress rules with Istio gateway exposure on port 1234 +- **Service Exposure** - SocketZero service exposed via tenant gateway at `socketzero.{{ domain }}` + +## Image Registry + +Uses Registry1 Iron Bank image: `registry1.dso.mil/ironbank/radiusmethod/socketzero/receiver:0.5.9` + +## Testing Strategy + +- **Health Checks** - Kubernetes deployment readiness validation +- **Ingress Testing** - HTTP status verification via curl +- **UI Testing** - Playwright tests running in containerized environment +- **Package Validation** - UDS Package CRD status monitoring + +## Variables + +Key Zarf variables defined in root `zarf.yaml`: +- `DOMAIN` (default: "uds.dev") +- `EXAMPLE_DB_USERNAME`, `EXAMPLE_DB_ENDPOINT` - Database configuration placeholders \ No newline at end of file diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 89dbea1..06441a7 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,4 +1,4 @@ -# Welcome to the #TEMPLATE_APPLICATION_DISPLAY_NAME# UDS Package +# Welcome to the SocketZero UDS Package Thank you for your interest in this Defense Unicorns UDS Package! diff --git a/README-template.md b/README-template.md index c5ea267..c8f8c88 100644 --- a/README-template.md +++ b/README-template.md 
@@ -1,12 +1,12 @@ -# UDS Package #TEMPLATE_APPLICATION_DISPLAY_NAME# +# UDS Package SocketZero -This package is designed to be deployed on [UDS Core](https://github.com/defenseunicorns/uds-core) and is based on the upstream [#TEMPLATE_APPLICATION_DISPLAY_NAME#](#TEMPLATE_CHART_REPO#) chart. +This package is designed to be deployed on [UDS Core](https://github.com/defenseunicorns/uds-core) and is based on the upstream [SocketZero](#TEMPLATE_CHART_REPO#) chart. > INSERT HERE 1-2 sentence summary of what the application does. ## Pre-requisites -The #TEMPLATE_APPLICATION_DISPLAY_NAME# Package expects to be deployed on top of [UDS Core](https://github.com/defenseunicorns/uds-core) with the dependencies listed below being configured prior to deployment. +The SocketZero Package expects to be deployed on top of [UDS Core](https://github.com/defenseunicorns/uds-core) with the dependencies listed below being configured prior to deployment. #### Dependency information @@ -22,7 +22,7 @@ Add any dependency information here ## Releases -The released packages can be found in [ghcr](https://github.com/uds-packages/#TEMPLATE_APPLICATION_NAME#/pkgs/container/#TEMPLATE_APPLICATION_NAME#). +The released packages can be found in [ghcr](https://github.com/uds-packages/socketzero/pkgs/container/socketzero). ## UDS Tasks (for local dev and CI) diff --git a/README.md b/README.md index 5c133e3..6479bec 100644 --- a/README.md +++ b/README.md 
@@ -13,10 +13,10 @@ After creating a repo from the UDS Package Template, follow [Making it your own] | value | replace_with | example | | ------------------------------------- | --------------------------- | ------------------------------------------------------ | -| `#TEMPLATE_APPLICATION_NAME#` | application name | nginx, mattermost, cert-manager, etc... | -| `#TEMPLATE_APPLICATION_DISPLAY_NAME#` | application name for humans | NGINX, Mattermost Cert Manager, etc... | +| `socketzero` | application name | nginx, mattermost, cert-manager, etc... | +| `SocketZero` | application name for humans | NGINX, Mattermost Cert Manager, etc... | | `#TEMPLATE_CHART_REPO#` | chart repository URL | `https://charts.jetstack.io/` | -| `#UDS_PACKAGE_REPO#` | package repository URL | `https://github.com/defenseunicorns/uds-package-nginx` | +| `https://github.com/radiusmethod/uds-package-socketzero` | package repository URL | `https://github.com/defenseunicorns/uds-package-nginx` | 2. Review, determine your need, and update diff --git a/TODO.md b/TODO.md new file mode 100644 index 0000000..36f151e --- /dev/null +++ b/TODO.md @@ -0,0 +1,20 @@ +# TODO + +## Development Tasks +- [ ] need to add integration for authservice +- [ ] keycloak permissions +- [ ] pass socketzero receiver configuration +- [ ] pass license information to socketzero +- [x] uds package doesn't seem to be created and health check is failing + +## Testing +- [ ] +- [ ] + +## Documentation +- [ ] +- [ ] + +## Deployment +- [ ] +- [ ] \ No newline at end of file diff --git a/bundle/uds-bundle.yaml b/bundle/uds-bundle.yaml index ec1a3a0..ab5af91 100644 --- a/bundle/uds-bundle.yaml +++ b/bundle/uds-bundle.yaml 
@@ -3,16 +3,16 @@ kind: UDSBundle metadata: - name: #TEMPLATE_APPLICATION_NAME#-test - description: A UDS bundle for deploying #TEMPLATE_APPLICATION_DISPLAY_NAME# and its dependencies on a development cluster + name: socketzero + description: A UDS bundle for deploying SocketZero and its dependencies on a development cluster version: dev packages: - # #TEMPLATE_APPLICATION_NAME# has a dependency on some-application + # socketzero has a dependency on some-application # - name: some-application # repository: ghcr.io/defenseunicorns/packages/uds/some-application # ref: 0.1.3-upstream - - name: #TEMPLATE_APPLICATION_NAME# + - name: socketzero path: ../ ref: dev diff --git a/bundle/uds-config.yaml b/bundle/uds-config.yaml index e4cf9cf..23da236 100644 --- a/bundle/uds-config.yaml +++ b/bundle/uds-config.yaml @@ -4,6 +4,6 @@ # variables: # some-application: # EXAMPLE_DEP_PACKAGE_VAR: true -# #TEMPLATE_APPLICATION_NAME#: +# socketzero: # EXAMPLE_DB_USERNAME: my-postgres-user # EXAMPLE_DB_ENDPOINT: postgres diff --git a/chart/Chart.yaml b/chart/Chart.yaml index b6f0342..fc86184 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -2,8 +2,8 @@ # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial apiVersion: v2 -name: uds-#TEMPLATE_APPLICATION_NAME#-config -description: uds-#TEMPLATE_APPLICATION_NAME#-config +name: uds-socketzero-config +description: uds-socketzero-config # A chart can be either an 'application' or a 'library' chart. # diff --git a/chart/templates/template-sso-secret.yaml b/chart/templates/template-sso-secret.yaml index bbe493a..cce1c6b 100644 --- a/chart/templates/template-sso-secret.yaml +++ b/chart/templates/template-sso-secret.yaml 
@@ -2,7 +2,7 @@ # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial # This secret will be used if sso is disabled, instead of the templated one in uds-package.yaml. -# #TEMPLATE_APPLICATION_DISPLAY_NAME# needs to mount the secret and creating it this way avoids creating an unnecessary +# SocketZero needs to mount the secret and creating it this way avoids creating an unnecessary # client in the keycloak realm and unnecessary secret data in the cluster. {{- if not .Values.sso.enabled }} @@ -13,6 +13,6 @@ metadata: namespace: {{ .Release.Namespace }} type: "Opaque" stringData: - #TEMPLATE_APPLICATION_NAME#.sso.config.key: | + socketzero.sso.config.key: | example.saml.enabled: {{ .Values.sso.enabled }} {{- end }} diff --git a/chart/templates/uds-package.yaml b/chart/templates/uds-package.yaml index d9782a6..f6f2c59 100644 --- a/chart/templates/uds-package.yaml +++ b/chart/templates/uds-package.yaml @@ -4,15 +4,15 @@ apiVersion: uds.dev/v1alpha1 kind: Package metadata: - name: #TEMPLATE_APPLICATION_NAME# + name: socketzero namespace: {{ .Release.Namespace }} spec: {{- if .Values.sso.enabled }} sso: - - name: #TEMPLATE_APPLICATION_DISPLAY_NAME# Login - clientId: uds-package-#TEMPLATE_APPLICATION_NAME# + - name: SocketZero Login + clientId: uds-package-socketzero redirectUris: - - "https://#TEMPLATE_APPLICATION_NAME#.{{ .Values.domain }}/oauth2/callback/saml" + - "https://socketzero.{{ .Values.domain }}/oauth2/callback/saml" protocol: saml defaultClientScopes: - "mapper-saml-email-email" @@ -25,7 +25,7 @@ spec: secretName: {{ .Values.sso.secretName }} # This secret template configures sso for the application. Will need updated based on application required configuration secretTemplate: - #TEMPLATE_APPLICATION_NAME#.sso.config.key: | + socketzero.sso.config.key: | example.auth.saml.enabled: {{ .Values.sso.enabled }} example.auth.saml.applicationId: clientField(clientId) example.auth.saml.providerName: {{ .Values.sso.saml.providerName }} 
@@ -39,12 +39,12 @@ spec: # Customize network policies and expose services via istio network: expose: - - service: #TEMPLATE_APPLICATION_NAME# + - service: socketzero podLabels: - app: #TEMPLATE_APPLICATION_NAME# + app: socketzero gateway: tenant - host: #TEMPLATE_APPLICATION_NAME# - port: 1234 + host: socketzero + port: 9997 allow: - direction: Ingress remoteGenerated: IntraNamespace diff --git a/chart/values.yaml b/chart/values.yaml index 3bea752..8413728 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -6,10 +6,10 @@ domain: "###ZARF_VAR_DOMAIN###" sso: enabled: false protocol: saml - secretName: #TEMPLATE_APPLICATION_NAME#-sso - adminGroups: ["/#TEMPLATE_APPLICATION_DISPLAY_NAME# Admin", "/UDS Core/Admin"] + secretName: socketzero-sso + adminGroups: ["/SocketZero Admin", "/UDS Core/Admin"] saml: - providerName: "#TEMPLATE_APPLICATION_DISPLAY_NAME#" + providerName: "SocketZero" # Support for custom `network.allow` entries on the Package CR additionalNetworkAllow: [] # # Notice no `remoteGenerated` field here on custom internal rule @@ -26,4 +26,4 @@ additionalNetworkAllow: [] # selector: # app: webservice # remoteGenerated: Anywhere -# description: "Egress from #TEMPLATE_APPLICATION_NAME#" +# description: "Egress from socketzero" diff --git a/common/zarf.yaml b/common/zarf.yaml index b6807c0..69d74ed 100644 --- a/common/zarf.yaml +++ b/common/zarf.yaml 
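Review bot: The `expose` entry in `chart/templates/uds-package.yaml` now publishes port 9997 on the `tenant` gateway while `chart/values.yaml` keeps `sso.enabled: false` and the TODO.md added by this commit still lists authservice integration and Keycloak permissions as open. Nothing visible in the patch puts authentication in front of the exposed service, so unless the application enforces its own, the exposure should wait for SSO or at least carry a comment such as `# NOTE: exposed without SSO/authservice until sso.enabled is wired up`. CLAUDE.md, added in the same commit, still documents the gateway port as 1234 and should be brought in line with 9997. The Package spec continues outside the hunk.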
@@ -4,32 +4,32 @@ # yaml-language-server: $schema=https://raw.githubusercontent.com/defenseunicorns/zarf/main/zarf.schema.json kind: ZarfPackageConfig metadata: - name: #TEMPLATE_APPLICATION_NAME#-common - description: "UDS #TEMPLATE_APPLICATION_DISPLAY_NAME# Common Package" + name: socketzero-common + description: "UDS SocketZero Common Package" components: - - name: #TEMPLATE_APPLICATION_NAME# + - name: socketzero required: true charts: - - name: uds-#TEMPLATE_APPLICATION_NAME#-config - namespace: #TEMPLATE_APPLICATION_NAME# + - name: uds-socketzero-config + namespace: socketzero version: 0.1.0 localPath: ../chart - - name: #TEMPLATE_APPLICATION_NAME# - namespace: #TEMPLATE_APPLICATION_NAME# - url: #TEMPLATE_CHART_REPO# - gitPath: chart - version: 1.2.3 + - name: socketzero + namespace: socketzero + url: https://github.com/radiusmethod/socketzero-helm.git + gitPath: . + version: 0.5.9 valuesFiles: - ../values/common-values.yaml actions: onDeploy: after: - - description: Validate #TEMPLATE_APPLICATION_DISPLAY_NAME# Package + - description: Validate SocketZero Package maxTotalSeconds: 300 wait: cluster: kind: packages.uds.dev - name: #TEMPLATE_APPLICATION_NAME# - namespace: #TEMPLATE_APPLICATION_NAME# + name: socketzero + namespace: socketzero condition: "'{.status.phase}'=Ready" diff --git a/docs/configuration.md b/docs/configuration.md index 67426ff..b8acb69 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -1,5 +1,5 @@ # Configuration -#TEMPLATE_APPLICATION_DISPLAY_NAME# in this package is configured through [#TEMPLATE_APPLICATION_DISPLAY_NAME# UDS package](#UDS_PACKAGE_REPO#) as well as a UDS configuration chart that supports the following: +SocketZero in this package is configured through [SocketZero UDS package](https://github.com/radiusmethod/uds-package-socketzero) as well as a UDS configuration chart that supports the following: ## Additional Configuration Info Follows 
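Review bot: The upstream chart in `common/zarf.yaml` is now fetched from a git repository and selected by `version: 0.5.9`, which presumably resolves to a tag; a tag can be moved after this review, so the packaged chart is not tied to the content that was inspected. It would help to record the expected commit for that tag in a comment next to `url:` and verify it at package-build time. The same applies to the two `images` entries added in the root `zarf.yaml` hunk, which are referenced by tag only and could carry a digest, e.g. `registry1.dso.mil/ironbank/radiusmethod/socketzero/receiver:0.5.9@sha256:<digest>`.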
diff --git a/docs/justifications.md b/docs/justifications.md index 6e6a26b..ae26e40 100644 --- a/docs/justifications.md +++ b/docs/justifications.md @@ -1,6 +1,6 @@ -# UDS Package #TEMPLATE_APPLICATION_DISPLAY_NAME# +# UDS Package SocketZero -Details about the #TEMPLATE_APPLICATION_DISPLAY_NAME# package and requirements of [badging](https://github.com/defenseunicorns/uds-common/blob/main/docs/uds-packages/requirements/uds-package-requirements.md) that may not yet be met. +Details about the SocketZero package and requirements of [badging](https://github.com/defenseunicorns/uds-common/blob/main/docs/uds-packages/requirements/uds-package-requirements.md) that may not yet be met. diff --git a/renovate.json b/renovate.json index 893ea2a..4a97309 100644 --- a/renovate.json +++ b/renovate.json @@ -10,20 +10,20 @@ "schedule": ["after 7am and before 9am every weekday"], "packageRules": [ { - "groupName": "#TEMPLATE_APPLICATION_DISPLAY_NAME# Support Dependencies", + "groupName": "SocketZero Support Dependencies", "labels": ["support-deps"], "commitMessageTopic": "support-deps", "packagePatterns": ["*"] }, { - "groupName": "#TEMPLATE_APPLICATION_DISPLAY_NAME# Package Dependencies", + "groupName": "SocketZero Package Dependencies", "labels": ["package-deps"], "commitMessageTopic": "package-deps", "matchPackageNames": ["!/^mcr\\.microsoft\\.com\\/playwright$/"], "matchDatasources": ["docker", "helm", "git-tags"] }, { - "groupName": "#TEMPLATE_APPLICATION_DISPLAY_NAME# Package Dependencies", + "groupName": "SocketZero Package Dependencies", "labels": ["package-deps"], "commitMessageTopic": "package-deps", "matchPackageNames": ["https://repo1.dso.mil/path/to/application.git"], diff --git a/tasks/test.yaml b/tasks/test.yaml index a7c2035..36a2fac 100644 --- a/tasks/test.yaml +++ b/tasks/test.yaml 
@@ -12,12 +12,12 @@ tasks: # Ensure application deploys successfully and becomes available - name: health-check actions: - - description: #TEMPLATE_APPLICATION_DISPLAY_NAME# Health Check + - description: SocketZero Health Check wait: cluster: kind: Deployment - name: #TEMPLATE_APPLICATION_NAME# - namespace: #TEMPLATE_APPLICATION_NAME# + name: socketzero + namespace: socketzero condition: Available # # If application manages custom resources, then test creating custom resources @@ -54,18 +54,18 @@ tasks: - name: ingress actions: - - description: #TEMPLATE_APPLICATION_DISPLAY_NAME# UI Status Check + - description: SocketZero UI Status Check maxRetries: 30 cmd: | - STATUS=$(curl -L -o /dev/null -s -w "%{http_code}\n" https://#TEMPLATE_APPLICATION_NAME#.uds.dev) - echo "#TEMPLATE_APPLICATION_DISPLAY_NAME# system status: ${STATUS}" + STATUS=$(curl -L -o /dev/null -s -w "%{http_code}\n" https://socketzero.uds.dev) + echo "SocketZero system status: ${STATUS}" if [ "$STATUS" != "200" ]; then sleep 10 exit 1 fi - name: ui - description: #TEMPLATE_APPLICATION_DISPLAY_NAME# UI Checks + description: SocketZero UI Checks actions: - cmd: | docker run --user="$(id -u)" --rm --ipc=host --net=host --mount type=bind,source="$(pwd)",target=/app mcr.microsoft.com/playwright:v1.54.1-jammy sh -c " \ diff --git a/tests/package-lock.json b/tests/package-lock.json index fc51190..5dd3998 100644 --- a/tests/package-lock.json +++ b/tests/package-lock.json @@ -1,11 +1,11 @@ { - "name": "uds-package-#TEMPLATE_APPLICATION_NAME#", + "name": "uds-package-socketzero", "version": "1.0.0", "lockfileVersion": 3, "requires": true, "packages": { "": { - "name": "uds-package-#TEMPLATE_APPLICATION_NAME#", + "name": "uds-package-socketzero", "license": "Apache-2.0", "devDependencies": { "@playwright/test": "^1.49.0", diff --git a/tests/package.json b/tests/package.json index 1ae8657..767a2de 100644 --- a/tests/package.json +++ b/tests/package.json 
@@ -1,5 +1,5 @@ { - "name": "uds-package-#TEMPLATE_APPLICATION_NAME#", + "name": "uds-package-socketzero", "license": "Apache-2.0", "devDependencies": { "@playwright/test": "^1.49.0", diff --git a/tests/playwright.config.ts b/tests/playwright.config.ts index 75fbece..73ebc5c 100644 --- a/tests/playwright.config.ts +++ b/tests/playwright.config.ts @@ -27,7 +27,7 @@ export default defineConfig({ use: { // video: 'on', - baseURL: process.env.BASE_URL || 'https://#TEMPLATE_APPLICATION_NAME#.uds.dev', // for `await page.goto('/')` etc + baseURL: process.env.BASE_URL || 'https://socketzero.uds.dev', // for `await page.goto('/')` etc trace: 'on-first-retry', // collect trace when retrying the failed test. See https://playwright.dev/docs/trace-viewer }, diff --git a/tests/template-application-name.test.ts b/tests/template-application-name.test.ts index 3a8915e..637f8d3 100644 --- a/tests/template-application-name.test.ts +++ b/tests/template-application-name.test.ts @@ -8,7 +8,7 @@ import { test, expect } from "@playwright/test"; // Customize tests for application being tested. Example given for reference function randomProjectName() { - return `uds-package-#TEMPLATE_APPLICATION_NAME#-${Math.floor((Math.random() * 1000))}`; + return `uds-package-socketzero-${Math.floor((Math.random() * 1000))}`; } test('create a project', async ({ page }) => { diff --git a/values/registry1-values.yaml b/values/registry1-values.yaml index 52d8fe4..c7eaf4e 100644 --- a/values/registry1-values.yaml +++ b/values/registry1-values.yaml @@ -4,6 +4,6 @@ # Values for registry1 flavor # Example variables from UDS package repo template. Update to relevant variables after templating -# image: -# repository: registry1.dso.mil/image -# tag: 1.2.3 +image: + repository: registry1.dso.mil/ironbank/radiusmethod/socketzero/receiver + tag: 0.5.9 diff --git a/zarf.yaml b/zarf.yaml index b20fa0a..7560cad 100644 --- a/zarf.yaml +++ b/zarf.yaml 
@@ -4,11 +4,11 @@ # yaml-language-server: $schema=https://raw.githubusercontent.com/defenseunicorns/zarf/main/zarf.schema.json kind: ZarfPackageConfig metadata: - name: #TEMPLATE_APPLICATION_NAME# - description: "UDS #TEMPLATE_APPLICATION_DISPLAY_NAME# package" + name: socketzero + description: "UDS SocketZero package" version: "dev" annotations: - dev.uds.title: #TEMPLATE_APPLICATION_DISPLAY_NAME# + dev.uds.title: SocketZero dev.uds.tagline: "" dev.uds.categories: "" dev.uds.keywords: "" @@ -25,43 +25,19 @@ variables: default: "example_db_endpoint" components: - - name: #TEMPLATE_APPLICATION_NAME# + - name: socketzero required: true - description: "Deploy #TEMPLATE_APPLICATION_DISPLAY_NAME#" + description: "Deploy SocketZero" import: path: common - only: - flavor: upstream + # only: + # flavor: registry1 + # cluster: + # architecture: amd64 charts: - - name: #TEMPLATE_APPLICATION_NAME# - valuesFiles: - - values/upstream-values.yaml - images: [] - - - name: #TEMPLATE_APPLICATION_NAME# - required: true - description: "Deploy #TEMPLATE_APPLICATION_DISPLAY_NAME#" - import: - path: common - only: - flavor: registry1 - cluster: - architecture: amd64 - charts: - - name: #TEMPLATE_APPLICATION_NAME# + - name: socketzero valuesFiles: - values/registry1-values.yaml - images: [] - - - name: #TEMPLATE_APPLICATION_NAME# - required: true - description: "Deploy #TEMPLATE_APPLICATION_DISPLAY_NAME#" - import: - path: common - only: - flavor: unicorn - charts: - - name: #TEMPLATE_APPLICATION_NAME# - valuesFiles: - - values/unicorn-values.yaml - images: [] + images: + - registry1.dso.mil/ironbank/radiusmethod/socketzero/receiver:0.5.9 + - registry1.dso.mil/ironbank/bitnami/redis:8.0.3 From bf2e0dbcf8486288f4dd671334a8ac5304457c7b Mon Sep 17 00:00:00 2001 
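Review bot: The `only:` block is left commented out in the remaining `socketzero` component, so the flavor and `architecture: amd64` filters no longer apply and the package always takes the registry1 values and images. Patch 2's Makefile then deploys an `arm64` bundle, so it is worth confirming that both listed images are published for that architecture. Either delete the commented lines or replace them with a one-line explanation such as `# single flavor for now: registry1 images are used unconditionally`, so the next maintainer does not have to guess whether the filter was dropped on purpose.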
From: Danny Gershman Date: Fri, 8 Aug 2025 15:38:45 -0400 Subject: [PATCH 2/5] working with config.json --- .gitignore | 2 ++ Makefile | 23 ++++++++++++ README.md | 76 ++++++--------------------------------- TODO.md | 7 ++-- bundle/uds-bundle.yaml | 21 +++++++---- bundle/uds-config.yaml | 7 ---- chart/values.yaml | 15 -------- common/zarf.yaml | 10 +++++- values/common-values.yaml | 19 ++++------ zarf.yaml | 18 ++++------ 10 files changed, 76 insertions(+), 122 deletions(-) create mode 100644 Makefile diff --git a/.gitignore b/.gitignore index 5abc208..0b0efc6 100644 --- a/.gitignore +++ b/.gitignore @@ -31,3 +31,5 @@ node_modules/ # VSCode .vscode/ + +config.json diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..ec8491e --- /dev/null +++ b/Makefile @@ -0,0 +1,23 @@ +.PHONY: package +package: + uds zarf package create --confirm + +.PHONY: bundle +bundle: + uds create bundle --confirm + +.PHONY: deploy +deploy: + uds deploy bundle/uds-bundle-socketzero-arm64-dev.tar.zst --confirm --set config="$(cat config.json)" + +.PHONY: all +all: package bundle deploy + +.DEFAULT_GOAL := help +.PHONY: help +help: + @echo "Available targets:" + @echo " package - Create the zarf package" + @echo " bundle - Create the UDS bundle" + @echo " deploy - Deploy the bundle" + @echo " help - Show this help message" diff --git a/README.md b/README.md index 6479bec..df78b50 100644 --- a/README.md +++ b/README.md 
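Review bot: In the `deploy` recipe, `$(cat config.json)` is expanded by make itself as a reference to an undefined make variable, so `--set config=` receives an empty string; shell command substitution inside a recipe has to be written `$$(...)`. The variable name also does not match what this patch declares in `bundle/uds-bundle.yaml` (`SOCKETZERO_CONFIG`, fed base64 per the README), and the tarball name still ends in `arm64-dev` although the bundle version becomes `0.0.1`. A recipe line such as `uds deploy bundle/uds-bundle-socketzero-arm64-0.0.1.tar.zst --confirm --set socketzero_config="$$(cat config.json | base64)"` would agree with the README. Values passed with `--set` are visible in the process list and shell history, so for the license key a git-ignored `uds-config.yaml` is probably the better channel.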
@@ -1,70 +1,14 @@ -# UDS Package Template +# SocketZero UDS Package -UDS package template is a starting point for creating a new UDS package. It includes a basic structure for a UDS package and a set of tasks to help you get started. +### To build the zarf + UDS bundle run -> [!TIP] -> Found an issue in this template or looking for how to contribute? Check out the [Contributing Guidelines](#contributing) +``` +uds zarf package create +uds create bundle --confirm +``` -After creating a repo from the UDS Package Template, follow [Making it your own](#make-it-your-own) documentation in order to customize the template for a new application package. +### To deploy the UDS package. -## Make it your own - -1. Replace some common placeholders - -| value | replace_with | example | -| ------------------------------------- | --------------------------- | ------------------------------------------------------ | -| `socketzero` | application name | nginx, mattermost, cert-manager, etc... | -| `SocketZero` | application name for humans | NGINX, Mattermost Cert Manager, etc... | -| `#TEMPLATE_CHART_REPO#` | chart repository URL | `https://charts.jetstack.io/` | -| `https://github.com/radiusmethod/uds-package-socketzero` | package repository URL | `https://github.com/defenseunicorns/uds-package-nginx` | - -2. Review, determine your need, and update - -The following files will need to be customized for the application being packaged and include things like dependencies and application specific helm values. Examples have been included for reference. 
- -| File/Directory | Function | New Package ToDos | -| :---------------------------- | :-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| .github/ | **CICD** pipeline specification | If the package requires any workflow customizations, such as needing specific runners testing other flavors, they can be customized. Else the template values should work fine. | -| adr/ | **DOCS**: Architecture Design Records. | Record any architectural decisions per the format found in this directory. | -| bundle/ | **DEV/TEST**: Test/example UDS bundle used to test the UDS package with UDS core. Should include any required dependencies and configuration needed for a test deployment. | Update fields to match this app's name, version, etc. | -| chart/ | **CHART**: Contains helm chart for [UDS Package custom resources](https://github.com/defenseunicorns/uds-core/blob/main/docs/reference/configuration/UDS%20operator/overview.md). Used to configure things like SSO, Virtual Services, Network Polices, etc. 
Can also contain any extra K8s manifests which need deployed before/after the main application. | Customize UDS configuration chart for application. At a minimum it should include a uds-package that provisions required network policies and any required SSO configuration. | -| common/zarf.yaml | **ZARF PACKAGE**: Root zarf package definition for _this app_ conventionally placed in `common/`. The root-level `zarf.yaml` imports this by explicit reference to this file path. | Customize to include application images, helm chart, variables, version, etc. | -| docs/ | **DOCS**: Package specific documentation such as detailed configuration info that is too indepth to go in the README | Add documentation. | -| src/ | **DEV/TEST**: New/bespoke Zarf packages to support dev/test bundle. These must exist before the main package is deployed, but are not part of it. One use-case is creating the namespace where Minio can deploy secrets _before_ the app that would otherwise create that namespace comes to exist. Other use-cases are databases (probably should be it's own UDS package) and some secrets. | Add custom Zarf packages as necessary. | -| tasks/ | **DEV/TEST**: UDS filename-scoped tasks. | Add tasks as necessary to support your development loop. The templated tasks are often sufficient. | -| tasks/tests.yaml | **DEV/TEST**: UDS tasks defined for testing the package deployed. | Customize based on application resource names and types, playwright tests that need to run, and/or custom resources that the application manages. | -| tests/ | **DEV/TEST**: Test files included are examples only since testing is very application specific and may include UI testing with playwright, testing custom resources being deployed in cluster, or other types of tests not included in the examples. 
| If application creates resources in cluster based on custom resources (example applications: cert-manager, trust-manager, database operators, etc), then test data can include a zarf package that deploys a custom resource so tests can ensure the application is creating resources as expected `tests/optional-example-zarf-tests/*`.

If application has an exposed web interface to test, then customize these files for playwright to authenticate and test application endpoints. Rename template-application-name to match your application name `tests/template-application-name.test.ts` `tests/auth.setup.ts` | -| .gitlab-ci.yml | **CICD**: Pipeline specification for GitLab | If the package requires any workflow customizations, such as needing specific runners testing other flavors, they can be customized. Else the template values should work fine. | -| README.md | **DOCS**: UDS package README. | Replace contents of README.md with README-template.md and customize for application being packaged when done following this README's guidance. | -| releaser.yaml | **CICD**: File that defines the current version for each flavor. | When ready to release, delete any flavors not applicable to project, set versions to correct ones for each flavor, and uncomment lines | -| renovate.json | **CICD**: Custom rules for renovate to update things. | Add any custom package rules if needed for renovate to properly update things such as repo1 packages. Includes an example. | -| zarf.yaml | **ZARF PACKAGE**: top-level Zarf package definition. | Copy from `common/zarf.yaml` the settings you'd like to expose for changes, much like a top-level values.yaml file. Often flavors, images, and variables are also specified primarily here, not in `common/zarf.yaml`. | - -3. Almost there... - - `mv README-template.md README.md` - - `rm -rf tasks/template.yaml` - - Remove extra lines from [tasks.yaml](./tasks.yaml) - - Follow the `CODEOWNERS-template.md` to update your `CODEOWNERS` file. - -You are ready to start integrating (and testing with CI) your application with UDS Core! - -## Releasing - -When you're ready to release your package, you'll need to modify the `releaser.yaml` file to include the correct versions of your package's flavors. If your package doesn't have a flavor, just delete it from the releaser.yaml file. 
When you're actually ready to have a release tagged and a package pushed to GHCR, uncomment the contents of the file. - -## Engineers External to Defense Unicorns - -For engineers that are external to the Defense Unicorns organization, the following files may not be applicable to your situation, and can be modified or removed. - - releaser.yaml - - .gitlab-ci.yml - - renovate.json - - .github/workflows (the workflows are still applicable, but the runners, tokens, and secrets will have to be updated to reflect your environment.) - -## Contributing - -> [!NOTE] -> As a template repository, the [CONTRIBUTING.md](./CONTRIBUTING.md) file is a part of the template and NOT the contributing guidelines for this repository. The contributing guidelines for this repository are articulated here. - -This template repository is part of Defense Unicorns' Unicorn Delivery Service and follows the contributing guidelines outlined in that repositories' [CONTRIBUTING.md](https://github.com/defenseunicorns/uds-common/blob/main/CONTRIBUTING.md) file. - -Feel free to [open a new issue](https://github.com/defenseunicorns/uds-package-template/issues/new/choose) for any defects or feature requests. +```shell +uds deploy bundle/uds-bundle-socketzero-arm64-0.0.1.tar.zst --confirm --set socketzero_license_org="" --set socketzero_license_key="" --set socketzero_config="$(cat config.json | base64)" +``` diff --git a/TODO.md b/TODO.md index 36f151e..6bd5930 100644 --- a/TODO.md +++ b/TODO.md @@ -3,8 +3,11 @@ ## Development Tasks - [ ] need to add integration for authservice - [ ] keycloak permissions -- [ ] pass socketzero receiver configuration -- [ ] pass license information to socketzero +- [ ] redis password +- [3] configuration outside the package +- [x] pass socketzero receiver configuration +- [x] pass license information to socketzero +- [x] ingress - [x] uds package doesn't seem to be created and health check is failing ## Testing 
diff --git a/bundle/uds-bundle.yaml b/bundle/uds-bundle.yaml index ab5af91..8384e83 100644 --- a/bundle/uds-bundle.yaml +++ b/bundle/uds-bundle.yaml @@ -5,14 +5,23 @@ kind: UDSBundle metadata: name: socketzero description: A UDS bundle for deploying SocketZero and its dependencies on a development cluster - version: dev + version: 0.0.1 packages: - # socketzero has a dependency on some-application - # - name: some-application - # repository: ghcr.io/defenseunicorns/packages/uds/some-application - # ref: 0.1.3-upstream - - name: socketzero path: ../ ref: dev + + overrides: + socketzero: + socketzero: + variables: + - name: SOCKETZERO_CONFIG + path: "config_base64" + description: "Set the config for socketzero" + - name: SOCKETZERO_LICENSE_ORG + path: "license.organization" + description: "Set the organization for the license" + - name: SOCKETZERO_LICENSE_KEY + path: "license.key" + description: "Set the key for the license" diff --git a/bundle/uds-config.yaml b/bundle/uds-config.yaml index 23da236..2067cc5 100644 --- a/bundle/uds-config.yaml +++ b/bundle/uds-config.yaml @@ -1,9 +1,2 @@ # Copyright 2024 Defense Unicorns # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial - -# variables: -# some-application: -# EXAMPLE_DEP_PACKAGE_VAR: true -# socketzero: -# EXAMPLE_DB_USERNAME: my-postgres-user -# EXAMPLE_DB_ENDPOINT: postgres diff --git a/chart/values.yaml b/chart/values.yaml index 8413728..5fa133d 100644 --- a/chart/values.yaml +++ b/chart/values.yaml 
@@ -12,18 +12,3 @@ sso: providerName: "SocketZero" # Support for custom `network.allow` entries on the Package CR additionalNetworkAllow: [] -# # Notice no `remoteGenerated` field here on custom internal rule -# - direction: Ingress -# selector: -# app: jenkins -# remoteNamespace: jenkins -# remoteSelector: -# app: jenkins -# port: 8180 -# description: "Ingress from Jenkins" -# # No `remoteNamespace`, `remoteSelector`, or `port` fields on rule to `remoteGenerated` -# - direction: Egress -# selector: -# app: webservice -# remoteGenerated: Anywhere -# description: "Egress from socketzero" diff --git a/common/zarf.yaml b/common/zarf.yaml index 69d74ed..00c7fe5 100644 --- a/common/zarf.yaml +++ b/common/zarf.yaml @@ -7,6 +7,14 @@ metadata: name: socketzero-common description: "UDS SocketZero Common Package" +variables: + - name: SOCKETZERO_CONFIG + description: "JSON configuration for SocketZero" + - name: SOCKETZERO_LICENSE_ORG + description: "Organization name for the license" + - name: SOCKETZERO_LICENSE_KEY + description: "License key for SocketZero" + components: - name: socketzero required: true @@ -19,7 +27,7 @@ components: namespace: socketzero url: https://github.com/radiusmethod/socketzero-helm.git gitPath: . - version: 0.5.9 + version: 0.5.9-r1 valuesFiles: - ../values/common-values.yaml actions: diff --git a/values/common-values.yaml b/values/common-values.yaml index fd2d601..e934d45 100644 --- a/values/common-values.yaml +++ b/values/common-values.yaml 
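Review bot: `SOCKETZERO_LICENSE_KEY` is declared in the new `variables:` block of common/zarf.yaml without `sensitive: true`, so Zarf handles the license key like any other variable and may print it in deploy output and logs. Add `sensitive: true` under that entry. The root zarf.yaml hunk (`@@ -15,14 +15,14 @@`) declares the same variable and needs the same line. The value is then templated into `license.key` in values/common-values.yaml, so it appears to be stored with the Helm release values rather than in a Secret. Whether the upstream chart can read the key from an existing Secret is not visible here.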
@@ -3,16 +3,9 @@ # Values common to all flavors -# Example variables from UDS package repo template. Update to relevant variables after templating -# imagePullSecrets: -# - name: "private-registry" - -# postgresql: -# enabled: false -# postgresqlServer: ###ZARF_VAR_EXAMPLE_DB_ENDPOINT### -# existingSecret: "example-postgres" -# existingSecretPasswordKey: "password" -# postgresqlUsername: ###ZARF_VAR_EXAMPLE_DB_USERNAME### -# postgresqlDatabase: ###ZARF_VAR_EXAMPLE_DB_NAME### -# service: -# port: 5432 +debug: true +maxRequestHeaderSize: "8192" # this can be adjusted to deal with larger header sizes such as with passing certs with Keycloak +license: + organization: "###ZARF_VAR_SOCKETZERO_LICENSE_ORG###" + key: "###ZARF_VAR_SOCKETZERO_LICENSE_KEY###" +config: "###ZARF_VAR_SOCKETZERO_CONFIG###" diff --git a/zarf.yaml b/zarf.yaml index 7560cad..1a7a890 100644 --- a/zarf.yaml +++ b/zarf.yaml @@ -15,14 +15,14 @@ metadata: dev.uds.icon: "" variables: - - name: EXAMPLE_VARIABLES - default: "examples" - name: DOMAIN default: "uds.dev" - - name: EXAMPLE_DB_USERNAME - default: "example_username" - - name: EXAMPLE_DB_ENDPOINT - default: "example_db_endpoint" + - name: SOCKETZERO_CONFIG + description: "JSON configuration for SocketZero" + - name: SOCKETZERO_LICENSE_ORG + description: "Organization name for the license" + - name: SOCKETZERO_LICENSE_KEY + description: "License key for SocketZero" components: - name: socketzero @@ -30,14 +30,8 @@ components: description: "Deploy SocketZero" import: path: common - # only: - # flavor: registry1 - # cluster: - # architecture: amd64 charts: - name: socketzero - valuesFiles: - - values/registry1-values.yaml images: - registry1.dso.mil/ironbank/radiusmethod/socketzero/receiver:0.5.9 - registry1.dso.mil/ironbank/bitnami/redis:8.0.3 From a1d6f3eff41e22584f55d206a1a140b11debf1ee Mon Sep 17 00:00:00 2001 
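Review bot: `config: "###ZARF_VAR_SOCKETZERO_CONFIG###"` in values/common-values.yaml writes the variable to the chart key `config`, but the bundle override in bundle/uds-bundle.yaml maps the same variable name to the path `config_base64`. The README passes a base64 string, while both zarf.yaml files describe the variable as "JSON configuration". As written it is unclear which key the chart actually reads and which encoding it expects; it looks as if a base64 value could land in a key meant for raw JSON. Pick one path and make the description match, for example `description: "Base64-encoded JSON configuration for SocketZero"`, and add a one-line comment above `config:` stating the expected encoding.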
From: Danny Gershman Date: Mon, 11 Aug 2025 16:59:11 -0400 Subject: [PATCH 3/5] working config --- .github/workflows/ci-docs-shim.yaml | 2 +- .github/workflows/release.yaml | 2 +- TODO.md | 7 +++++-- chart/templates/template-sso-secret.yaml | 18 ----------------- chart/templates/uds-package.yaml | 25 +++--------------------- chart/values.yaml | 6 +----- common/zarf.yaml | 2 ++ 7 files changed, 13 insertions(+), 49 deletions(-) delete mode 100644 chart/templates/template-sso-secret.yaml diff --git a/.github/workflows/ci-docs-shim.yaml b/.github/workflows/ci-docs-shim.yaml index 96b98c7..fa96902 100644 --- a/.github/workflows/ci-docs-shim.yaml +++ b/.github/workflows/ci-docs-shim.yaml @@ -27,7 +27,7 @@ jobs: strategy: matrix: type: [install, upgrade] - flavor: [upstream, registry1, unicorn] + flavor: [] uses: defenseunicorns/uds-common/.github/workflows/callable-ci-docs-shim.yaml@f17368a15fae15275792abf7bf4f7f91d1526929 # v1.16.4 with: flavor: ${{ matrix.flavor }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index bee07a1..1a3ee75 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -22,7 +22,7 @@ jobs: id-token: write strategy: matrix: - flavor: [upstream, registry1, unicorn] + flavor: [] architecture: [amd64, arm64] exclude: - flavor: registry1 diff --git a/TODO.md b/TODO.md index 6bd5930..3b0e870 100644 --- a/TODO.md +++ b/TODO.md @@ -2,9 +2,12 @@ ## Development Tasks - [ ] need to add integration for authservice -- [ ] keycloak permissions - [ ] redis password -- [3] configuration outside the package +- [ ] convert socketzero license to a secret +- [ ] restart the socketzero pod when config + license info change +- [ ] documentation for SZ configuration permissions + roles +- [x] keycloak permissions +- [x] configuration outside the package - [x] pass socketzero receiver configuration - [x] pass license information to socketzero - [x] ingress 
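Review bot: `flavor: []` in the matrix of .github/workflows/ci-docs-shim.yaml leaves an empty matrix vector, which GitHub Actions rejects when it evaluates `strategy`, so the install/upgrade checks would not run for this package. The release.yaml hunk makes the same change and still carries `exclude: - flavor: registry1`, which then refers to a value the matrix no longer contains. If the package ships a single flavor, list it explicitly, for example `flavor: [registry1]` (a guess based on the registry1.dso.mil images in zarf.yaml). Otherwise remove `flavor` from the matrix together with `flavor: ${{ matrix.flavor }}` and the `exclude` entry. Both jobs continue outside the hunks, so any other use of `matrix.flavor` is not visible here.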
diff --git a/chart/templates/template-sso-secret.yaml b/chart/templates/template-sso-secret.yaml deleted file mode 100644 index cce1c6b..0000000 --- a/chart/templates/template-sso-secret.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright 2024 Defense Unicorns -# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial - -# This secret will be used if sso is disabled, instead of the templated one in uds-package.yaml. -# SocketZero needs to mount the secret and creating it this way avoids creating an unnecessary -# client in the keycloak realm and unnecessary secret data in the cluster. -{{- if not .Values.sso.enabled }} - -apiVersion: v1 -kind: Secret -metadata: - name: {{ .Values.sso.secretName }} - namespace: {{ .Release.Namespace }} -type: "Opaque" -stringData: - socketzero.sso.config.key: | - example.saml.enabled: {{ .Values.sso.enabled }} -{{- end }} diff --git a/chart/templates/uds-package.yaml b/chart/templates/uds-package.yaml index f6f2c59..181b5f8 100644 --- a/chart/templates/uds-package.yaml +++ b/chart/templates/uds-package.yaml 
@@ -12,29 +12,10 @@ spec: - name: SocketZero Login clientId: uds-package-socketzero redirectUris: - - "https://socketzero.{{ .Values.domain }}/oauth2/callback/saml" - protocol: saml - defaultClientScopes: - - "mapper-saml-email-email" - - "mapper-saml-username-login" - - "mapper-saml-username-name" - - attributes: - saml.client.signature: "false" - + - "https://socketzero.{{ .Values.domain }}/login" secretName: {{ .Values.sso.secretName }} - # This secret template configures sso for the application. Will need updated based on application required configuration - secretTemplate: - socketzero.sso.config.key: | - example.auth.saml.enabled: {{ .Values.sso.enabled }} - example.auth.saml.applicationId: clientField(clientId) - example.auth.saml.providerName: {{ .Values.sso.saml.providerName }} - example.auth.saml.providerId: https://sso.{{ .Values.domain }}/realms/uds - example.auth.saml.loginUrl: https://sso.{{ .Values.domain }}/realms/uds/protocol/saml - example.auth.saml.user.login: login - example.auth.saml.user.name: name - example.auth.saml.user.email: email - example.auth.saml.certificate.secured: clientField(samlIdpCertificate) + enableAuthserviceSelector: + app: socketzero {{- end }} # Customize network policies and expose services via istio network: diff --git a/chart/values.yaml b/chart/values.yaml index 5fa133d..f100190 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -4,11 +4,7 @@ # Example values from UDS package repo template domain: "###ZARF_VAR_DOMAIN###" sso: - enabled: false - protocol: saml + enabled: true secretName: socketzero-sso - adminGroups: ["/SocketZero Admin", "/UDS Core/Admin"] - saml: - providerName: "SocketZero" # Support for custom `network.allow` entries on the Package CR additionalNetworkAllow: [] diff --git a/common/zarf.yaml b/common/zarf.yaml index 00c7fe5..c7127de 100644 --- a/common/zarf.yaml +++ b/common/zarf.yaml 
@@ -8,6 +8,8 @@ metadata: description: "UDS SocketZero Common Package" variables: + - name: DOMAIN + description: "Domain for SocketZero" - name: SOCKETZERO_CONFIG description: "JSON configuration for SocketZero" - name: SOCKETZERO_LICENSE_ORG From 039981e95e99baf981b324171e905b1d502a61c1 Mon Sep 17 00:00:00 2001 From: Danny Gershman Date: Mon, 11 Aug 2025 22:54:56 -0400 Subject: [PATCH 4/5] authservice working --- README.md | 8 ++++++++ TODO.md | 2 +- chart/templates/uds-package.yaml | 3 +-- chart/values.yaml | 1 - values/common-values.yaml | 5 ++++- 5 files changed, 14 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index df78b50..3f6b89d 100644 --- a/README.md +++ b/README.md @@ -12,3 +12,11 @@ uds create bundle --confirm ```shell uds deploy bundle/uds-bundle-socketzero-arm64-0.0.1.tar.zst --confirm --set socketzero_license_org="" --set socketzero_license_key="" --set socketzero_config="$(cat config.json | base64)" ``` + +### To test remotely + +Copy the remote kubeconfig locally. + +```shell +ssh -l 127.0.0.1:6550:127.0.0.1:6550 user@remote-ip -i ~/.ssh/key.pem +``` diff --git a/TODO.md b/TODO.md index 3b0e870..abda65b 100644 --- a/TODO.md +++ b/TODO.md @@ -1,7 +1,7 @@ # TODO ## Development Tasks -- [ ] need to add integration for authservice +- [x] need to add integration for authservice - [ ] redis password - [ ] convert socketzero license to a secret - [ ] restart the socketzero pod when config + license info change diff --git a/chart/templates/uds-package.yaml b/chart/templates/uds-package.yaml index 181b5f8..4028937 100644 --- a/chart/templates/uds-package.yaml +++ b/chart/templates/uds-package.yaml @@ -13,9 +13,8 @@ spec: clientId: uds-package-socketzero redirectUris: - "https://socketzero.{{ .Values.domain }}/login" - secretName: {{ .Values.sso.secretName }} enableAuthserviceSelector: - app: socketzero + app.kubernetes.io/name: socketzero {{- end }} # Customize network policies and expose services via istio network: 
diff --git a/chart/values.yaml b/chart/values.yaml index f100190..62f96a3 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -5,6 +5,5 @@ domain: "###ZARF_VAR_DOMAIN###" sso: enabled: true - secretName: socketzero-sso # Support for custom `network.allow` entries on the Package CR additionalNetworkAllow: [] diff --git a/values/common-values.yaml b/values/common-values.yaml index e934d45..9f8f116 100644 --- a/values/common-values.yaml +++ b/values/common-values.yaml @@ -3,9 +3,12 @@ # Values common to all flavors -debug: true +debug: false maxRequestHeaderSize: "8192" # this can be adjusted to deal with larger header sizes such as with passing certs with Keycloak license: organization: "###ZARF_VAR_SOCKETZERO_LICENSE_ORG###" key: "###ZARF_VAR_SOCKETZERO_LICENSE_KEY###" config: "###ZARF_VAR_SOCKETZERO_CONFIG###" +redis: + auth: + password: "helloworld" From 381ca4c86e91f348b91b01afaac1e245e12a7e75 Mon Sep 17 00:00:00 2001 From: Danny Gershman Date: Tue, 12 Aug 2025 14:44:35 -0400 Subject: [PATCH 5/5] adding tags --- zarf.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/zarf.yaml b/zarf.yaml index 1a7a890..1f49565 100644 --- a/zarf.yaml +++ b/zarf.yaml 
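Review bot: `password: "helloworld"` under `redis.auth` in values/common-values.yaml commits a fixed Redis credential to the repository in the file marked "Values common to all flavors", so every deployment of the package shares one publicly known password. Take the value from deploy-time input instead, for example `password: "###ZARF_VAR_SOCKETZERO_REDIS_PASSWORD###"` (placeholder name) with a matching Zarf variable marked `sensitive: true`. If the Redis subchart is the Bitnami one, as the image name in zarf.yaml suggests, pointing `auth.existingSecret` at a pre-created Secret keeps the password out of the Helm values entirely. The TODO.md item "redis password" is still unchecked after this series, so this looks like a stopgap that should not reach a release.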
@@ -9,10 +9,10 @@ metadata: version: "dev" annotations: dev.uds.title: SocketZero - dev.uds.tagline: "" - dev.uds.categories: "" - dev.uds.keywords: "" - dev.uds.icon: "" + dev.uds.tagline: Military-grade Post Quantum Zero Trust access for your most critical applications + dev.uds.categories: Networking, Cybersecurity + dev.uds.keywords: Socketzero, Radius Method, Zero Trust, Networking, Beyondcorp, Post Quantum, TCP, UDP + dev.uds.icon: data:image/svg+xml;base64,iVBORw0KGgoAAAANSUhEUgAAAHwAAAB8CAYAAACrHtS+AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyNpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDYuMC1jMDAyIDc5LjE2NDM1MiwgMjAyMC8wMS8zMC0xNTo1MDozOCAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wPSJodHRw variables: - name: DOMAIN
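Review bot: The `dev.uds.icon` value is labelled `data:image/svg+xml;base64,` but its payload starts with `iVBORw0KGgo`, the base64 form of the PNG file signature. Consumers that honour the declared media type will try to parse PNG bytes as SVG and will likely show no icon. Change the prefix to `data:image/png;base64,` or embed an actual SVG. The new tagline, categories and keywords are also written as plain scalars where the removed lines were quoted. Quoting them keeps the annotations consistent and guards against a later edit introducing `: ` or ` #` into a value.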