Since you will need to make environment-specific changes to the system's configuration, you should fork this repository, and update the package configuration to look at your fork. Here's the steps to take:
-
Fork the repo. On GitHub that can be done by clicking the "Fork" button in the top right of the page. For any other Git system you'll want to create a bare clone and do a mirror push. Like this:
# Assuming you have created a brand new completely empty repo located at https://gitsite.com/yourusername/new-repository.git git clone --bare https://github.com/defenseunicorns/zarf-package-software-factory.git cd zarf-package-software-factory.git git push --mirror https://gitsite.com/yourusername/new-repository.git cd .. rm -rf ./zarf-package-software-factory.git
Note: If you want to make the repo private don't use the "Fork" feature on GitHub, since forks can't be made private unless you first submit a support request to have them detach the fork. Note that if you are using SOPS encryption of your secrets (highly recommended) then it is okay for your config repo to be public since the files that contain secrets will be committed to the repository encrypted, and decrypted inside the cluster using Flux.
-
Clone your new repo and add this repo as an "upstream" remote, so you can pull down updates later
git clone https://gitsite.com/yourusername/new-repository.git cd new-repository # If you forked on GitHub they already did this for you git remote add upstream https://github.com/defenseunicorns/zarf-package-software-factory.git
-
Customize
zarf.yaml-- Change the repo URL in the "setup" component fromhttps://github.com/defenseunicorns/zarf-package-software-factory.gitto the repo URL of your config repo that you created by forking the upstream -
Customize
day2/zarf.yaml-- Change the repo URL fromhttps://github.com/defenseunicorns/zarf-package-software-factory.gitto the repo URL of your config repo that you created by forking the upstream -
Customize
manifests/setup.yaml-- Change the urlhttp://zarf-gitea-http.zarf.svc.cluster.local:3000/zarf-git-user/mirror__github.com__defenseunicorns__zarf-package-software-factory.gitto the "Zarf-ified" version of your config repo that you created by forking the upstream. The easiest way to do that is to change it to the regular URL, then run this command on that file:zarf prepare patch-git http://zarf-gitea-http.zarf.svc.cluster.local:3000 manifests/setup.yaml
Note: If you need to install Zarf, you can run either
make build/zarf-mac-intelormake build/zarf(depending on what OS distro you are using). Zarf will be installed in thebuildfolder in this repo. -
Customize
kustomizations/bigbang/environment-bb/values.yaml-- Replacebigbang.devwith your real domain, and change the TLS key and cert to your own key and cert, then SOPS encrypt the file. Click HERE for instructions on how to set up SOPS encryption.sops -e -i kustomizations/bigbang/environment-bb/values.yaml
-
Customize
kustomizations/softwarefactoryaddons/jenkins/environment-bb-values.yaml-- Replacebigbang.devwith your real domain. Do a find and replace on the whole file, it appears in multiple places. Later on in the SSO step you'll also update theclientIDandclientSecretparameters but we can't do that until after GitLab is deployed. Encrypt the file with SOPS if you want at this point, though the only things in the file that are likely to be considered secrets are the client ID and client secret, which won't have been added yet.sops -e -i kustomizations/softwarefactoryaddons/jenkins/environment-bb-values.yaml
-
Customize
kustomizations/softwarefactoryaddons/base/virtualservice.yaml-- Replacebigbang.devwith your real domain. -
Customize
kustomizations/softwarefactoryaddons/jira/values.yaml-- Replacebigbang.devwith your real domain -
Customize
kustomizations/softwarefactoryaddons/confluence/environment-bb-values.yaml-- Replacebigbang.devwith your real domain -
Commit the changes to the repo
git add . git commit -m "Add environment-specific configuration" git push
-
Build the packages
make all
Now that the necessary packages are created, it is time to Deploy.