Rechercher
SupportConsoleDéveloppeursCommencer un essaiContact

Ce contenu n'est pas disponible dans la langue sélectionnée.

Chapter 2. Your path to secure application development

download PDF

Red Hat Trusted Application Pipeline (RHTAP) significantly enhances the efficiency of containerizing and deploying applications, enabling developers to deploy their work within minutes. This innovative platform not only facilitates the creation of a build pipeline for testing and integrating application changes swiftly but also fortifies security measures against supply-chain attacks. By adhering to the rigorous standards of the Supply-chain Levels for Software Artifacts (SLSA) security framework, RHTAP ensures compliance with high-level security requirements.

2.1. Installation overview

Before tapping into the vast array of benefits offered by RHTAP, the initial step involves its installation within your organization. The installation of RHTAP is structured around seven key procedures:

  1. Creating a GitHub application for RHTAP
  2. Forking the template catalog
  3. Creating a GitOps git token
  4. Creating the Docker configuration value
  5. Creating a private-values.yaml file
  6. Installing RHTAP in your cluster
  7. Finalizing your GitHub application

2.2. Initial setup

Prior to beginning the installation process, certain prerequisites must be met to ensure a smooth and successful setup:

  1. Cluster Access: Ensure you have ClusterAdmin access to an OpenShift Container Platform (OCP) cluster, accessible both via the CLI and the web console.

  2. Red Hat Advanced Cluster Security (ACS): Obtain necessary values from your ACS instance, including:

    • ACS API token: Follow the instructions provided here to create an API token.
    • ACS central endpoint URL: Configure the endpoint by referring to the instructions available here.

  3. Configure ACS for Private Repositories: If you’re using private repositories in image registries like Quay.io, configure ACS accordingly:

    • For Quay.io, navigate to Integrations > Image Integrations and select the Quay.io card.
    • Add your OAuth tokens to access your specific Quay.io instance.
    • Validate access via the test button to ensure ACS can scan private images when required.
  4. Quay.io Account: Ensure you have an active Quay.io account.
  5. Helm CLI Tool: Install the Helm CLI tool by following the guidelines provided here.
  6. GitHub Account: Lastly, make sure you have a GitHub account to facilitate certain installation procedures.

With these prerequisites in place, you are well-prepared to initiate the installation process by creating a new GitHub application specifically for your RHTAP instance.

Next step

Red Hat logoGithubRedditYoutubeTwitter

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Nous aidons les utilisateurs de Red Hat à innover et à atteindre leurs objectifs grâce à nos produits et services avec un contenu auquel ils peuvent faire confiance.

Rendre l’open source plus inclusif

Red Hat s'engage à remplacer le langage problématique dans notre code, notre documentation et nos propriétés Web. Pour plus de détails, consultez leBlog Red Hat.

À propos de Red Hat

Nous proposons des solutions renforcées qui facilitent le travail des entreprises sur plusieurs plates-formes et environnements, du centre de données central à la périphérie du réseau.

© 2024 Red Hat, Inc.