Skip to content

Commit

Permalink
docs: PLT-1516 Palette CLI Encryption (#5213)
Browse files Browse the repository at this point in the history 
* docs: PLT-1516

* docs: updated commands. PDE is wip

* docs: updated all CLI commands

* docs: update PCG section

* docs: updated self-hosted install guides

* docs: vale corrections

* docs: apply suggestions from code review

Co-authored-by: Lenny Chen <[email protected]>

* docs: Apply suggestions from code review

Co-authored-by: Lenny Chen <[email protected]>

* ci: auto-formatting prettier issues

---------

Co-authored-by: Lenny Chen <[email protected]>
Co-authored-by: karl-cardenas-coding <[email protected]>
  • Loading branch information
@karl-cardenas-coding @lennessyy
3 people authored Jan 6, 2025
1 parent 1c4a624 commit 158a658
Show file tree
Hide file tree
Showing 14 changed files with 428 additions and 247 deletions.
9 changes: 9 additions & 0 deletions docs/docs-content/automation/palette-cli/commands/commands.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,15 @@ Palette CLI supports the following global flags.
| `-l` | `--log-level` | Log level. Allowed values: `panic` `fatal` `error` `warn` `info` `debug` `trace` (default `info`) | string |
| `-w` | `--workspace` | Workspace location for staging runtime configurations and logs (default `$HOME/.palette`) | string |

## Environment Variables

The Palette CLI supports the following environment variables.

| Variable Name | Description | Type |
| ----------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ |
| `DISABLE_KIND_CLUSTER_CHECK` | If set to `true,` the Palette CLI will not check for existing kind clusters or whether the deployed kind cluster is up and active. | bool |
| `PALETTE_ENCRYPTION_PASSWORD` | The encryption passphrase Palette CLI will use to encrypt sensitive data. The passphrase must between 8 to 32 characters long with a capital letter, a lower letter, a digit and a special character. | string |

## Resources

- [Docs](docs.md)
Expand Down
24 changes: 15 additions & 9 deletions docs/docs-content/automation/palette-cli/commands/ec.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,11 @@ The `ec` command exposes the following subcommand.
- Docker is required to install a PCG cluster. Refer to the [Docker](https://docs.docker.com/get-docker/) documentation
to learn how to install Docker on your system.

- You must provide an encryption passphrase to secure sensitive data. The passphrase must be between 8 to 32 characters
long and contain a capital letter, a lowercase letter, a digit, and a special character. You can provide the
passphrase through the `PALETTE_ENCRYPTION_PASSWORD` environment variable or the `-k` or `--encryption-passphrase`
flag. Refer to the [Encryption](./../palette-cli.md#encryption) section for more information on encryption.

## Install

The `install` subcommand installs a Palette Enterprise Cluster in your target environment. You can install Palette or
Expand All @@ -37,15 +42,16 @@ you for required values. Alternatively, you can use flags to generate a configur

<br />

| Short Flag | Long Flag | Description | Type |
| ---------- | ---------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
| `-f` | `--config-file` | Install using a configuration file (optional). Use `-config-only` to generate a configuration file. | string |
| `-d` | `--skip-teardown` | Skip tear down of the kind cluster in case of errors. | boolean |
| `-o` | `--config-only` | Generate configuration file only. This command will not proceed with installation. | boolean |
| `-v` | `--custom-values-file` | Enterprise Cluster custom values.yaml configuration file (optional). Use this to customize the cluster profile of the Enterprise Cluster. Refer to the [custom value file](#custom-value-file) section for more information. | string |
| `-p` | `--update-passwords` | Update passwords only. Do not proceed with installation. The `--config-file` flag must also be provided. | string |
| `-t` | `--update-tokens` | Update authentication tokens only. Do not proceed with installation. The `--config-file` flag must be provided. | boolean |
| - | `--validate` | Scan the environment and conduct validation before the enterprise cluster is installed. | boolean |
| Short Flag | Long Flag | Description | Type |
| ---------- | ------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
| `-f` | `--config-file` | Install using a configuration file (optional). Use `-config-only` to generate a configuration file. | string |
| `-d` | `--skip-teardown` | Skip teardown of the kind cluster in case of errors. | boolean |
| `-k` | `--encryption-passphrase` | Encryption passphrase to secure sensitive data. The passphrase must be between 8 to 32 characters long and contain a capital letter, a lowercase letter, a digit, and a special character. Can be set through the environment variable `PALETTE_ENCRYPTION_PASSWORD`. Refer to the [Encryption](./../palette-cli.md#encryption) section for more information on encryption. | string |
| `-o` | `--config-only` | Generate configuration file only. This command will not proceed with installation. | boolean |
| `-v` | `--custom-values-file` | Enterprise cluster custom values.yaml configuration file (optional). Use this to customize the cluster profile of the enterprise cluster. Refer to the [custom value file](#custom-value-file) section for more information. | string |
| `-p` | `--update-passwords` | Update passwords only. Do not proceed with installation. The `--config-file` flag must also be provided. | string |
| `-t` | `--update-tokens` | Update authentication tokens only. Do not proceed with installation. The `--config-file` flag must be provided. | boolean |
| - | `--validate` | Scan the environment and conduct validation before the enterprise cluster is installed. | boolean |

### Examples

Expand Down
18 changes: 13 additions & 5 deletions docs/docs-content/automation/palette-cli/commands/import.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,13 +23,21 @@ imported clusters.

- Ensure you have `admin` or `cluster-admin` permissions on the cluster you are importing.

- You must log in to Palette using the `login` command before importing clusters.

- You must provide an encryption passphrase to secure sensitive data. The passphrase must be between 8 to 32 characters
long and contain a capital letter, a lowercase letter, a digit, and a special character. You can provide the
passphrase through the `PALETTE_ENCRYPTION_PASSWORD` environment variable or the `-k` or `--encryption-passphrase`
flag. Refer to the [Encryption](./../palette-cli.md#encryption) section for more information on encryption.

<br />

| **Long Flag** | **Description** | **Type** |
| ------------------ | ---------------------------------------------------------------------------- | -------- |
| `--kubeconfig` | Path to the kubeconfig for the cluster you would like to import (optional) | string |
| `--kubeconfig-dir` | Path to directory containing kubeconfigs for one or more clusters (optional) | string |
| `--uuid` | If true, a partial UUID is appended to each cluster name (optional) | boolean |
| **Short Flag** | **Long Flag** | **Description** | **Type** |
| -------------- | -------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- |
| `-k` | `---encryption-passphrase` | Encryption passphrase to secure sensitive data. The passphrase must be between 8 to 32 characters long and contain a capital letter, a lowercase letter, a digit, and a special character. Can be set through the environment variable `PALETTE_ENCRYPTION_PASSWORD`. Refer to the [Encryption](./../palette-cli.md#encryption) section for more information on encryption. | string |
| - | `--kubeconfig` | Path to the kubeconfig for the cluster you would like to import (optional) | string |
| - | `--kubeconfig-dir` | Path to directory containing kubeconfigs for one or more clusters (optional) | string |
| - | `--uuid` | If true, a partial UUID is appended to each cluster name (optional) | boolean |

:::info

Expand Down
Loading

0 comments on commit 158a658

Please sign in to comment.