A Helm chart to provide an opinionated deployment of Trustee in a validated pattern
6
6
7
-
This chart is used to serve as the template for Validated Patterns Charts
7
+
This chart is intended for use with the [coco-pattern](https://github.com/validatedpatterns/coco-pattern) and other validated patterns.
8
+
9
+
It is part of three charts that are intended to be used together:
10
+
1.[trustee](https://github.com/validatedpatterns/trustee-chart) indended to deploy the Key Broker Service (KBS) and related infrastructure (this chart))
11
+
1. This should be deployed on an ACM hub cluster
12
+
2.[sandboxed-containers](https://github.com/validatedpatterns/sandboxed-containers-chart) intended to be deployed on an ACM spoke cluster where there is access to confidential hardware
13
+
3.[sandboxed-policies](https://github.com/validatedpatterns/sandboxed-policies-chart) intended to be deployed on an ACM hub cluster which pushes polices to the spoke cluster.
14
+
15
+
In order to use this chart, you will need to:
16
+
1. Have a security policy created and available. This is a container security policy that will be used to verify the inside a kata vm.
17
+
1. See here for more information: https://docs.redhat.com/en/documentation/openshift_sandboxed_containers/1.10/html/deploying_red_hat_build_of_trustee/deploying-trustee_azure-trustee#creating-image-verification-policy_azure-trustee
18
+
2. Have a public key created and available. This is a public key that will be used to authenticate the KBS management API.
19
+
3. Have a list of secret resources to be added to the KBS as a list of name, key pairs where key is the path to the secret in the secret store. These will be used to authenticate the KBS management API.
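Review bot: In prerequisite 3, the closing sentence "These will be used to authenticate the KBS management API." repeats the sentence from prerequisite 2 word for word. It describes the public key, not the secret resources, so a reader cannot tell what the listed secrets are for. Replace it with a sentence that states what the KBS does with these resources. Prerequisite 1 has a similar gap: "will be used to verify the inside a kata vm" is missing its object, so name what is being verified. The same text is added to README.md.gotmpl in this commit, so make both corrections there and keep the two files in step.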
README.md.gotmpl
14 additions & 1 deletion
@@ -5,7 +5,20 @@
5
5
6
6
{{ template"chart.description". }}
7
7
8
-
This chart is used to serve as the template for Validated Patterns Charts
8
+
This chart is intended for use with the [coco-pattern](https://github.com/validatedpatterns/coco-pattern) and other validated patterns.
9
+
10
+
It is part of three charts that are intended to be used together:
11
+
1. [trustee](https://github.com/validatedpatterns/trustee-chart) indended to deploy the Key Broker Service (KBS) and related infrastructure (this chart))
12
+
1. This should be deployed on an ACM hub cluster
13
+
2. [sandboxed-containers](https://github.com/validatedpatterns/sandboxed-containers-chart) intended to be deployed on an ACM spoke cluster where there is access to confidential hardware
14
+
3. [sandboxed-policies](https://github.com/validatedpatterns/sandboxed-policies-chart) intended to be deployed on an ACM hub cluster which pushes polices to the spoke cluster.
15
+
16
+
In order to use this chart, you will need to:
17
+
1. Have a security policy created and available. This is a container security policy that will be used to verify the inside a kata vm.
18
+
1. See here for more information: https://docs.redhat.com/en/documentation/openshift_sandboxed_containers/1.10/html/deploying_red_hat_build_of_trustee/deploying-trustee_azure-trustee#creating-image-verification-policy_azure-trustee
19
+
2. Have a public key created and available. This is a public key that will be used to authenticate the KBS management API.
20
+
3. Have a list of secret resources to be added to the KBS as a list of name, key pairs where key is the path to the secret in the secret store. These will be used to authenticate the KBS management API.
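Review bot: The chart list in this template has three wording errors that will be copied into the README: "indended" should be "intended", "(this chart))" has a stray closing parenthesis, and "pushes polices" should be "pushes policies". The prerequisites also stop short of telling the user where each item goes: none of the three names the chart value or secret-store path that receives the security policy, the public key, or the name and key list, and "name, key pairs" is easy to misread as key pairs in the cryptographic sense right after the public key item. Consider stating the expected input for each and rewording item 3 as "a list of entries, each with a name and a key". The documentation link is pinned to the 1.10 Azure guide; say whether it applies to other platforms or link a version-independent page.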