Installing Deepfactor portal using Argo CD

Table of Contents

This document describes the steps needed to install Deepfactor portal in your Kubernetes cluster using Argo CD. This document assume that you have a Kubernetes cluster deployed using Argo CD. If you have not yet created one, please refer to the following article to create one

https://argo-cd.readthedocs.io/en/stable/

 

1. Install cert manager #

If you have already installed cert manager in your K8s cluster, you can skip this step. Create a yaml file (cert-manager.yaml) with the following contents.

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: cert-manager
  namespace: argocd
spec:
  destination:
    namespace: cert-manager
    server: https://kubernetes.default.svc
  project: default
  source:
    chart: cert-manager
    helm:
      parameters:
      - name: installCRDs
        value: "true"
    repoURL: https://charts.jetstack.io
    targetRevision: v1.8.0
  syncPolicy:
    automated: {}
    syncOptions:
    - CreateNamespace=true

 

Run the following command to install

kubectl apply -f ./cert-manager.yaml

2. Install ingress controller #

If you already have ingress controller installed, please refer to the following article to see how to add Deepfactor specific configuration to it.

Deepfactor Portal Installation with Existing Ingress Controller

If you do not have ingress controller installed, please create a yaml file (ingress-controller.yaml) with the following contents

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
   name: ingress-nginx
   namespace: argocd
spec:
  destination:
    namespace: ingress-nginx
    server: https://kubernetes.default.svc
  project: default
  source:
    chart: ingress-nginx
    helm:
      parameters:
      - name: tcp.13443
        value: "deepfactor/deepfactor-nginx:13443"
    repoURL: https://kubernetes.github.io/ingress-nginx
    targetRevision: 4.1.2
  syncPolicy:
    automated: {}
    syncOptions:
    - CreateNamespace=true

 

Run the following command to install

kubectl apply -f ./ingress-controller.yaml

 

3. Create an Argo CD application #

Create an Argo CD application with Deepfactor helm chart.

You can specify the list of helm chart parameters under spec.source.helm.parameters section. For a full list of Deepfactor helm chart parameters, refer to the following article

Install Deepfactor portal using Helm: Advanced Configuration

For examples of customization using helm parameters, refer to the following document

Customizing your Deepfactor Portal Deployment in K8s

 

Note: Since Argo CD does not support helm lookup command, you will need to generate strong passwords for clickhouse.password, postgres.password, appsettings.jwt (jwt secret) and nats.auth.token and provide them in the yaml file

Create a yaml file (deepfactor-project.yaml) with the helm parameters that suit your deployment preference.

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: deepfactor-portal
  namespace: argocd
spec:
  destination:
    namespace: deepfactor
    server: https://kubernetes.default.svc
  project: default
  source:
    chart: deepfactor
    helm:
      parameters:
      - name: dfstartup.config.emailID
        value: portal_admin_email_address
      - name: dfstartup.config.firstName
        value: portal_admin_first_name
      - name: dfstartup.config.lastName
        value: portal_admin_last_name
      - name: dfstartup.config.password
        value: SomeStr@ngP@ssword!
      - name: dfstartup.config.portalToken
        value: tokenFromMyDeepfactor # retrieve from my.deepfactor.io
      - name: dfwebscan.enableProxiedScans
        value: "false" # set true to enable through 13443 tcp ingress
      - name: ingress.certManager.enabled
        value: "true"
      - name: clickhouse.password
        value: strongCli4kPass
      - name: postgres.password
        value: strongP@stPass
      - name: ingress-nginx.enablemodule
        value: "false"
      - name: ingress.hostName
        value: your_preferred_portal_hostname # the hostname of your choice
      - name: nginx.ingress.className
        value: nginx
      - name: appsettings.jwt
        value: strongJWTSecret!
      - name: nats.auth.token
        value: strongNATSToken!
    repoURL: https://static.deepfactor.io/helm-charts
    targetRevision: 
  syncPolicy:
    automated: {}
    syncOptions:
    - CreateNamespace=true

 

Please enter appropriate values for the following in the above yaml file

portal_admin_email_address: This is the email address you will use to login to the portal once it is installed

portal_admin_first_name: First name of the admin user

portal_admin_last_name: Last name of the admin user

your_preferred_portal_hostname: The hostname you would like the Deepfactor portal to use. Please note, you will need to create a DNS entry for this hostname to ensure applications running with Deepfactor can reach the portal.

 

Run the following command to install Deepfactor portal.

kubectl apply -f ./deepfactor-project.yaml
Was this article helpful?

Powered by BetterDocs

Deepfactor Icon

Deepfactor is a developer security platform that enables engineering teams to quickly discover and resolve security vulnerabilities, supply chain risks, and compliance violations early in development and testing.

Product Pricing Resources Company Documentation Login Demo

SUBSCRIBE TO OUR NEWSLETTER!

© 2023 Deepfactor, Inc. All Rights Reserved.

Privacy Policy | Terms of Service | Open Source Disclosure