Skip to content

defenseunicorns/uds-core

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Unicorn Delivery Service - Core (UDS Core)

Latest Release Build Status OpenSSF Scorecard

UDS Core establishes a secure baseline for cloud-native systems and ships with compliance documentation and first-class support for airgap/egress-limited systems. Based on the work of Platform One, UDS Core expands on the security posture of Big Bang while providing advanced automation with the UDS Operator and UDS Policy Engine. UDS Core is a collection of several individual applications combined into a single Zarf package and we recommend using UDS CLI to deploy it as a UDS Bundle.

tl;dr - try it now

Core Applications

Future Applications

  • Kiali - Service Mesh Observability
  • Tempo - Tracing

Prerequisites

  • A running container environment for K3D to interact with for dev & test environments
  • K3D v5.7.1 or later for dev & test environments or any CNCF Certified Kubernetes Cluster for production environments.

Using UDS Core in Production

While the UDS Bundles published by this repo can be used for dev and test environments and include a K3d cluster, UDS Core also publishes a UDS Package that is intended to be used in your own UDS Bundle. You can use the k3d-core-demo bundle as an example.


Quickstart, Dev & Test Environments

UDS Core publishes bundles you can use for trying out UDS Core or for UDS Package development where you only need part of UDS Core. These bundles leverage UDS K3d to create a local k3d cluster with tools installed to emulate a cloud environment.

Note

These UDS Bundles are intended for dev and test environments and should not be used for production. They also serve as examples to create custom bundles.

Quickstart

If you want to try out UDS Core, you can use the k3d-core-demo bundle to create a local k3d cluster with UDS Core installed by running the following command:

uds deploy k3d-core-demo:0.34.0

UDS Package Development

In addition to the demo bundle, a k3d-slim-dev bundle also exists to work with UDS Core with only Istio, Keycloak & Pepr installed. Run the command below to use it.

Deploy Istio, Keycloak and Pepr:

uds deploy k3d-core-slim-dev:0.34.0

Developing UDS Core

UDS Core development leverages the uds zarf dev deploy command. For convenience, a UDS Task is provided to setup the environment. You'll need to have NodeJS 20 or later installed to continue. Here's an example of a flow developing the identity-authorization layer:

# Create the dev environment
uds run dev-setup

# If developing the Pepr module:
npx pepr dev

# If not developing the Pepr module (can be run multiple times):
npx pepr deploy

# Deploy the layer (can be run multiple times)
uds run dev-deploy --set LAYER=identity-authorization

Testing UDS Core

You can perform a complete test of UDS Core by running the following command:

uds run test-uds-core

This will create a local k3d cluster, install UDS Core, and run a series of tests against it, the same tests that are run in CI. If you want to run the tests against a specific core layer, you can use the LAYER task variable. The following example runs the tests against the identity-authorization layer:

uds run test-single-layer --set LAYER=identity-authorization

Note you can specify the --set FLAVOR=registry1 flag to test using Iron Bank images instead of the upstream images.

UDS Core Architecture Overview

UDS Core Architecture Diagram

Diagrams are located in /docs/.images. See the diagram README for an explanation and help customizing.