Add gcloud marketplace self-signed certificate linux instruction (#30)

kyma-incubator · Nov 14, 2019 · 2ba8492 · 2ba8492
1 parent 3908046
commit 2ba8492
Show file tree

Hide file tree

Showing 3 changed files with 70 additions and 14 deletions.
diff --git a/KYMA_VERSION b/KYMA_VERSION
@@ -1 +1 @@
-1.6.0
+1.7.0
diff --git a/google-cloud/Makefile b/google-cloud/Makefile
@@ -19,7 +19,7 @@ VERSION ?= $(DOCKER_TAG)
 KYMA_VERSION = $(shell cat ../KYMA_VERSION)
 
 .EXPORT_ALL_VARIABLES:
-.PHONY: ci-pr ci-master ci-release image-build image-push cluster-create cluster-attach cluster-service-account install manifest-build check-env
+.PHONY: ci-pr ci-master ci-release image-build image-push cluster-create cluster-attach cluster-service-account install manifest-build check-env gettext-install
 
 cluster-create: check-env
 	gcloud container --project "$(GCP_PROJECT)" clusters \
@@ -48,7 +48,7 @@ manifest-build:
 
 image-build:
 	docker build \
-	    --build-arg KYMA_VERSION=$(KYMA_VERSION) \
+		--build-arg KYMA_VERSION=$(KYMA_VERSION) \
 		--build-arg DEPLOYER_VERSION=$(DOCKER_TAG) \
 		--build-arg KYMA_INITIALIZER_IMAGE=$(KYMA_INITIALIZER_IMAGE) \
 		-t $(IMAGE) .
@@ -60,7 +60,10 @@ ifneq (,$(shell echo "$(DOCKER_TAG)" | grep '[0-9]\+\.[0-9]\+\.[0-9]\+$$'))
 	docker push $(IMAGE_MINOR)
 endif
 
-ci-master: manifest-build image-push
+gettext-install:
+	apt-get install -y --no-install-recommends gettext
+
+ci-master: gettext-install manifest-build image-push
 ci-pr: ci-master
 ci-release: ci-master
 
@@ -70,4 +73,4 @@ ifndef GCP_PROJECT
 endif
 ifndef GCP_CLUSTER_NAME
 	$(error GCP_CLUSTER_NAME is undefined)
-endif
+endif
diff --git a/google-cloud/manifest/application.yaml b/google-cloud/manifest/application.yaml
@@ -11,7 +11,7 @@ metadata:
 spec:
   selector:
     matchLabels:
-     app.kubernetes.io/name: $APPLICATION_NAME
+      app.kubernetes.io/name: $APPLICATION_NAME
   descriptor:
     type: Kyma
     version: "$VERSION"
@@ -27,32 +27,85 @@ spec:
         url: https://github.com/kyma-project
     notes: |-
       To access your Kyma cluster, import the Kyma self-signed certificate to your trusted certificate authorities.
-
       ### MacOS
-
       Copy the following command and paste it into your terminal window:
-
       ```bash
       tmpfile=$(mktemp /tmp/temp-cert.XXXXXX) \
           && pbpaste > $tmpfile \
           && sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain $tmpfile \
           && rm $tmpfile
       ```
-
       On the GCP website, click **preview secret data** next to the **Certificate** details, and copy the certificate string.
       
       Run the command you previously pasted into your terminal window.
+      ### Linux
 
-      ### Windows
+      Copy the certificate from **Application details**, save it locally, and export its path as an environment variable. See the example:
+
+      ```
+      export KYMA_CERT=/tmp/kyma.crt
+      ```
+      Choose your Linux distribution and follow next steps.
+
+      #### Debian-based distro
 
-      Run the Command Prompt as an Administrator. Copy the following command and paste it into your Command Prompt window:
+      Check if the `ca-certificates` package is installed:
 
       ```
-      powershell "$(Get-Clipboard | Out-File -FilePath kyma.cer | Out-Host;$?) -and $(certutil -f -addstore Root kyma.cer | Out-Host;$?) -and $(Remove-Item -path kyma.cer | Out-Host;$?)"
+      apt list ca-certificates
       ```
+      If the package is not listed, install it with this command:
 
-      On the GCP website, click **preview secret data** next to the **Certificate** details, and copy the certificate string.
+      ```
+      sudo apt install ca-certificates
+      ```
+      Copy the Kyma certificate and update the certificate list:
+
+      ```
+      sudo sh -c "cp ${KYMA_CERT} /usr/local/share/ca-certificates/kyma.crt && \   
+      update-ca-certificates --fresh && rm -i ${KYMA_CERT}"
+      ```
+      #### Arch-based distro
+
+      Run this command:
 
+      ```
+      sudo sh -c "cp ${KYMA_CERT} /etc/ca-certificates/trust-source/anchors && \
+      trust extract-compat && rm -i ${KYMA_CERT}"
+      ```
+      #### Centos6
+      
+      Check if the `ca-certificates` package is installed:
+      
+      ```
+      yum list installed ca-certificates
+      ```
+      If the package is not listed, install it with this command:
+
+      ```
+      yum install ca-certificates
+      ```
+      Copy the Kyma certificate and update the certificate list:
+      
+      ```
+      sudo sh -c "cp ${KYMA_CERT} /etc/pki/ca-trust/source/anchors/ && \
+      update-ca-trust extract && rm -i ${KYMA_CERT}"
+      ```
+      #### Centos5
+      
+      Run this command:
+      
+      ```
+      sudo sh -c "cat ${KYMA_CERT} >>/etc/pki/tls/certs/ca-bundle.crt"
+      ```              
+      ### Windows
+      Run the Command Prompt as an Administrator. 
+      
+      Copy the following command and paste it into your Command Prompt window:
+      ```
+      powershell "$(Get-Clipboard | Out-File -FilePath kyma.cer | Out-Host;$?) -and $(certutil -f -addstore Root kyma.cer | Out-Host;$?) -and $(Remove-Item -path kyma.cer | Out-Host;$?)"
+      ```
+      On the GCP website, click **preview secret data** next to the **Certificate** details, and copy the certificate string.
       Run the command you previously pasted into your Command Prompt window.
 
   info: