From 367f7cc16cf29a15d63f989fff2ae84295616b89 Mon Sep 17 00:00:00 2001 From: Andreas Falk Date: Fri, 12 Jan 2024 11:49:12 +0100 Subject: [PATCH] Update README.md --- README.md | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 5fccb10..dd1488a 100644 --- a/README.md +++ b/README.md @@ -5,21 +5,23 @@ # Supply Chain Security -Demos for software supply chain security +Demos for software supply chain security. +This repository demonstrates, how to build a secure CI-/CD Pipeline based on GitHub actions. +It includes SAST, SCA and build provenance as part of this. +The demo code contains application and infrastructure as code parts. - -## IaC: Provision a kubernetes cluster +## IaC: Provision a Kubernetes cluster Next, we will provision a Kubernetes cluster on Google Cloud (GKE). -### Setup gcloud SDK +### Setup GCloud SDK After you've installed the gcloud SDK, initialize it by running the following command. `gcloud init` -This will authorize the SDK to access GCP using your user account credentials and add the SDK to your PATH. This steps requires you to login and select the project you want to work in. +This will authorize the SDK to access GCP using your user account credentials and add the SDK to your PATH. This step requires you to log in and select the project you want to work in. Finally, add your account to the Application Default Credentials (ADC). This will allow Terraform to access these credentials to provision resources on GCloud. 
@@ -27,10 +29,10 @@ Finally, add your account to the Application Default Credentials (ADC). This wil ### Terraform -In subfolder _iac_, you will find four files used to provision a VPC, subnets and a GKE cluster. +In subfolder _iac_, you will find four files used to provision a VPC, subnets, and a GKE cluster. * __vpc.tf__ provisions a VPC and subnet. A new VPC is created for this tutorial so it doesn't impact your existing cloud environment and resources. This file outputs region. -* __gke.tf__ provisions a GKE cluster and a separately managed node pool (recommended). Separately managed node pools allows you to customize your Kubernetes cluster profile — this is useful if some Pods require more resources than others. You can learn more here. The number of nodes in the node pool is defined also defined here. +* __gke.tf__ provisions a GKE cluster and a separately managed node pool (recommended). Separately managed node pools allow you to customize your Kubernetes cluster profile — this is useful if some Pods require more resources than others. You can learn more here. The number of nodes in the node pool is also defined here. * __terraform.tfvars__ is a template for the project_id and region variables. * __versions.tf__ sets the Terraform version to at least 0.14. 
@@ -52,9 +54,9 @@ After you have saved your customized variables file, initialize your Terraform w `terraform init` -In your initialized directory, run terraform apply and review the planned actions. Your terminal output should indicate the plan is running and what resources will be created. +In your initialized directory, run `terraform apply` and review the planned actions. Your terminal output should indicate the plan is running and what resources will be created. -You can see this terraform apply will provision a VPC, subnet, GKE Cluster and a GKE node pool. Confirm the apply with a _yes_. +You can see this `terraform apply` will provision a VPC, subnet, GKE Cluster, and a GKE node pool. Confirm the _apply_ with a _yes_. This process should take approximately 10 minutes. Upon successful application, your terminal prints the outputs defined in `vpc.tf` and `gke.tf`.
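Review bot: In the first hunk (@@ -5,21 +5,23 @@), the added sentence "This repository demonstrates, how to build a secure CI-/CD Pipeline based on GitHub actions." has a stray comma after "demonstrates", and "CI-/CD Pipeline" and "GitHub actions" should read "CI/CD pipeline" and "GitHub Actions". The heading change to "Setup GCloud SDK" leaves the body one line below still saying "gcloud SDK" next to the `gcloud init` command, so keeping the lowercase "gcloud" in the heading would be consistent. The new intro also uses SAST and SCA without expanding them; spelling both out on first use would help readers who arrive at the README cold.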
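Review bot: In the third hunk (@@ -52,9 +54,9 @@), "Confirm the _apply_ with a _yes_." italicises a command name and a literal prompt answer, while the same hunk moves `terraform apply` to code formatting. Write both as code (`apply`, `yes`) so it is clear what the reader types at the prompt. "GKE Cluster" in the added line above it should be lowercase "cluster" to match "a GKE cluster" in the Terraform section.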