Ce contenu n'est pas disponible dans la langue sélectionnée.
Preface
Red Hat Trusted Application Pipeline (RHTAP) is not really a single product. Instead, it is a set of products that combine to form a highly automated, customizable, and secure platform for building applications.
RHTAP includes the following products:
- Red Hat Developer Hub: a self-service portal for developers.
- OpenShift GitOps: to manage Kubernetes deployments and their infrastructure.
- OpenShift Pipelines: to enable automation and provide visibility for continuous integration and continuous delivery (CI/CD) of software.
- Trusted Artifact Signer: to sign and validate the artifacts that RHTAP produces.
- Trusted Profile Analyzer: to deliver actionable information about your security posture.
It also depends on the following products:
- Quay.io: a container registry, where RHTAP stores your artifacts.
- Advanced Cluster Security (ACS): a security tool that RHTAP uses to scan your artifacts.
To see exactly which versions of these products RHTAP supports, reference the compatibility and support matrix in our Release notes.
Because a fully-operational instance of RHTAP involves all of the products listed above, installing RHTAP takes time and effort. However, we have automated this process where possible, and are providing instructions here that we hope are helpful and concise.
Additionally, be aware that the RHTAP installer is not a manager: it does not support upgrades. The installer generates your first deployment of RHTAP. After installation, you manage each product within RHTAP individually.
Before you can begin installation, you must meet six prerequisites. Then you must complete seven procedures.
Prerequisites
- ClusterAdmin access to an OpenShift Container Platform (OCP) cluster, through both the CLI and the web console
An instance of Red Hat Advanced Cluster Security, as well as the following values from that instance:
To enable ACS to access private repositories in image registries, ACS will need to be configured for your specific registry
- For Quay.io, under Integrations→Image Integrations select the Quay.io card
- Add your OAUTH tokens to access your specific Quay.io instance
- Validate the access via the test button. This will ensure if the RHTAP is asked to scan a private image, ACS will have access
- A Quay.io account
- The Helm CLI tool
- A GitHub account
Procedures
- Creating a GitHub application for RHTAP
- Forking the template catalog
- Creating a GitOps git token
- Creating the Docker configuration value
- Creating a private-values.yaml file
- Installing RHTAP in your cluster
- Finalizing your GitHub application
The following pages of this document explain each of those procedures in detail. If you have the prerequisites, you are ready to start the installation process by creating a GitHub application.