diff --git a/content/10-rhacs-setup/_index.md b/content/10-rhacs-setup/_index.md index d092000..b0e948d 100644 --- a/content/10-rhacs-setup/_index.md +++ b/content/10-rhacs-setup/_index.md @@ -178,6 +178,9 @@ curl -k -o bundle.json -X POST -u "admin:$PASSWORD" -H "Content-Type: applicatio ```bash cat bundle.json | jq -r '.kubectlBundle' > bundle64 +``` + +```bash base64 -d bundle64 > kube-secrets.bundle ``` @@ -212,6 +215,7 @@ You are ready to install the **SecuredClusters** instance, this will deploy the - In the **OpenShift Web Console** go to the **ACS Operator** in **Operators->Installed Operators** - Using the Operator create an instance of the **Secured Cluster** type **in the Project you created** (should be stackrox) +- If you are in the **YAML** view switch to the **Form** view - Change the **Cluster Name** for the cluster if you want, it'll appear under this name in the **ACS Portal** - And most importantly for **Central Endpoint** enter the address and port number of your **Central** instance, this is the same as the **ACS Portal**. - If your **ACS Portal** is available at `https://central-stackrox.apps.` the endpoint is `central-stackrox.apps.:443`. diff --git a/content/13-rhacs-pipeline/_index.md b/content/13-rhacs-pipeline/_index.md index 1703c95..240de2a 100644 --- a/content/13-rhacs-pipeline/_index.md +++ b/content/13-rhacs-pipeline/_index.md @@ -15,11 +15,13 @@ ACS policies can act during the CI/CD pipeline to identify security risk in cont You should have created and build a custom policy in ACS and tested it to trigger violations. Now you will integrate it into the build pipeline. -### Let's go: Prepare `roxctl` +### Our task will use the `roxctl` cli -Build-time policies require the use of the `roxctl` command-line tool which is available for download from the ACS Central UI, in the upper right corner of the dashboard. `Roxctl` needs to authenticate to **ACS Central** to do anything. You can use either username and password or API tokens to authenticate against ACS Central. It's good practice to use a token so that's what we'll do. +Build-time policies require the use of the `roxctl` command-line tool which is available for download from the ACS Central UI, in the upper right corner of the dashboard. You don't need to to download this now as our Tekton task will do this automatically. -### Create the `roxctl` token +`roxctl` needs to authenticate to **ACS Central** to do anything. You can use either username and password or API tokens to authenticate against ACS Central. It's good practice to use a token so that's what we'll do. + +### Let's Go : Create the `roxctl` token In the **ACS portal**: