Blog
  • Welcome to egonzalez blog
  • Software Supply Chain Security
    • Software Supply Chain Security: Why It Matters
    • Software Supply Chain Security: A Technical Deep Dive
    • SLSA and the Software Supply Chain Security: Time to Get Serious
  • Provenance
    • Understanding Provenance in Software Supply Chain Security
  • Building a secure development framework
  • Hacking
    • Index
      • Hack the box writeups
        • Dyplesher HTB writeup
        • Fatty HTB writeup
        • Oouch HTB writeup
        • Sauna HTB writeup
      • Python Vulnerabilities
        • Data Deserialization
          • Pickle
          • XML
          • YAML
      • Hacking cheatsheet
  • DevSecOps
    • Index
      • Gitlab CI minikube development environment
      • Gerrit review minikube
      • Gerrit and gitlab replication and CI job hooks on k8s
      • Vault integration with Gitlab CI
      • Gitlab CI template for DefectDojo
      • Falco real time runtime thread detection on k8s
      • Zarf - Airgap deployment in kubernetes
      • OWASP Dependency-track
      • OpenDaylight in a Docker
      • To conditional or to skip, that's the Ansible question
      • Spacewalk Red Hat Satellite v5 in a Docker container PoC
      • Ansible INI file module
  • OpenStack
    • Index
      • OpenStack tacker and service function chaining sfc with kolla
      • Deploy OpenStack designate with kolla-ansible
      • OpenStack keystone zero downtime upgrade process newton to ocata
      • Midonet integration with OpenStack Mitaka
      • OpenStack kolla deployment
      • Magnum in RDO OpenStack Liberty
      • Nova VNC flows under the hood
      • Ceph Ansible baremetal deployment
      • Rally OpenStack benchmarking with Docker
      • OpenStack affinity/anti-affinity groups
      • Migrate keystone v2.0 to keystone v3 OpenStack
      • Neutron DVR OpenStack Liberty
      • OpenStack segregation with availability zones and host aggregates
      • Nova Docker driver
      • Murano in RDO OpenStack manual installation
      • Ceph RadosGW admin Ops
      • Multiple store locations for glance images
      • List all tenants belonging an user
      • Load balancer as a service OpenStack LbaaS
      • OpenStack nova API start error
      • Delete OpenStack neutron networks
Powered by GitBook
On this page

Was this helpful?

  1. DevSecOps
  2. Index

Gerrit review minikube

Deploy gerrit on kubernetes

Download git repository with helm charts

git clone https://gerrit.googlesource.com/k8s-gerrit
cd k8s-gerrit

Create namespace

kubectl create ns gerrit-operator

Update helm dependencies

helm dependency build helm-charts/gerrit-operator/

Install k8s operator

helm -n gerrit-operator install gerrit-operator helm-charts/gerrit-operator/

Install NFS

kubectl create ns nfs
helm repo add nfs-ganesha-server-and-external-provisioner \
  https://kubernetes-sigs.github.io/nfs-ganesha-server-and-external-provisioner/
helm upgrade \
  --install nfs \
  nfs-ganesha-server-and-external-provisioner/nfs-server-provisioner \
  -n nfs

Create gerrit namespace and sample secrets

kubectl create ns gerrit
kubectl apply -f Documentation/examples/gerrit.secret.yaml

Create single gerrit cluster

kubectl apply -f Documentation/examples/1-gerritcluster.yaml

Create gerrit-ingress.yaml file to generate an ingress to the Web UI.

Host IP is the output of minikube ip command

cat << EOF > gerrit-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: gerrit-ingress
spec:
  rules:
    - host: "gerrit.$(minikube ip).nip.io"
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: gerrit-service
                port:
                  number: 80
EOF

Create the ingress

 kubectl apply -f gerrit-ingress.yaml -n gerrit

Create IngressRouteTcp to allow git through SSH

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteTCP
metadata:
  labels:
    app: gerrit-service
  name: gerrit-service
  namespace: gerrit
spec:
  entryPoints:
  - gerrit-service
  routes:
  - match: HostSNI(`*`)
    services:
    - name: gerrit-service
      namespace: gerrit
      port: 29418
PreviousGitlab CI minikube development environmentNextGerrit and gitlab replication and CI job hooks on k8s

Last updated 4 months ago

Was this helpful?