Deployment and Operations

Importing Cloudentity Configuration Using Import Job

This article provides instructions on configuring import job for importing the Cloudentity platform configuration.

About Import Job

The Cloudentity platform enables DevSecOps engineers to import its configuration according to the GitOps approach, where all configuration is stored within a Git repository. There is possibility to declarativly import configuration that stores tenants, servers, clients and much more.

Learn more

To learn more about declarative configuration, see the Declarative configuration import for ACP documentation.

Prerequisites

  • Kubernetes cluster v1.16+
  • Helm v3.0+

Configure Import Job

There are two ways to proceed with import:

  • Helm chart built-in job

    This import job is recommended to be used for the Cloudentity platform deployed on Kubernetes with Helm Charts. For other deployments using the dedicated acp-cd Helm Chart described below is more convenient.

    It will create Helm hook to create K8s job which utilizes Cloudentity import command.

    Example

    Enable migrate job and provide data sample

    importJob:
      enabled: true
      data:
        policies:
          - tenant_id: mytenant
            server_id: myworkspace
            id: block_test_policy
            policy_name: block_test
            language: cloudentity
            type: api
            validators:
              - name: "false"
    
  • Dedicated acp-cd helm chart

    As the configuration for declarative import could be complex, it will make values file less readable then it should. Additionally import job is done once ACP is running so it could be considered as privisioning task, not deployment one. For those reasons, you have a choice to use dedicated acp-cd helm chart to configure your Cloudentity deployment.

    Learn more

    To learn more about acp-cd, see the Install acp-cd Helm Chart documentation.