ansible-role-k8s-ci/README.md

[![Build Status](https://drone.reslinger.net/api/badges/adrien/ansible-role-k8s-ci/status.svg)](https://drone.reslinger.net/adrien/ansible-role-k8s-ci)

# ansible-role-k8s-ci

Déploie l'usine logiciel dans Kubernetes.

## Les composants de l'usine logiciel

- gitea

- drone (client / server)

- trivy

- vscode

- un registre docker (plus tard) [registry docker](https://github.com/cesanta/docker_auth/tree/main/chart/docker-auth) ou [distribution](https://github.com/distribution/distribution)

- [chartmuseum](https://artifacthub.io/packages/helm/chartmuseum/chartmuseum) (Manque l'authentification sur l'API)

- un scanner de vulnérabilité (plus tard aussi) [clair](https://github.com/quay/clair) avec [klar](https://github.com/optiopay/klar)
  - [How To: Build Your Own Clair and Docker Registry Environment!](https://www.x-cellent.com/blog/build-your-own-clair-registry/)
  - CoreOS Clair [part 1](https://medium.com/paloit/container-image-scanning-with-coreos-clair-part-1-17152d6a8421) et [part 2](https://medium.com/paloit/coreos-clair-part-2-installation-integration-558ec664cece)
  - [gitleak](https://github.com/zricethezav/gitleaks)
  - [notary](https://github.com/theupdateframework/notary) ?

- Notification de publication d'image docker [diun](https://github.com/crazy-max/diun)

- Fix docker registry retention [docker-registry-pruner](https://github.com/tumblr/docker-registry-pruner)