Skip to content

tao3k/tenzir-devops

Repository files navigation

README

Branches status

  • main: used to test the full features
  • template: init the template with minimal env

Configuration languages or files

By simply placing the supported configuration formats or files in the corresponding folders, the auto-importing mechanism will be triggered.

We have a global command-line tool called std that allows users to query and execute various tasks.

  • units (dirs)
    1. cells(std&nix) A DevOps framework for the SDLC with the power of Nix and Flakes. Good for keeping deadlines!
      • [X] devshell -> path -> ./cells/devshell
        • nix,yaml
      • [X] tasks -> path -> ./cells/tasks/tasks
        • nix,json,yaml
      • [X] schemas -> path -> ./tenzir/schemas/
        • nix,yaml,json
      • [ ] terraform -> path -> ./deploy/tf
        • nix(validator::terranix),hcl(validator::internal),json(overrideValues),nickel(validator::tf-ncl)
      • [ ] kubernets -> path -> ./deploy/k8s
        • ts(validator::architect-k8s-template),yaml,nickel,nix,json(overrideValues)
      • [] secrets -> path -> ./secrets
        • envs(yaml/json), sops(GPG,ssh),age(ssh),vault(cloud),git-crypt
    2. nickel: Introducing the experimental incorporation of Nickel into security dataflow.

Moreover, users have the flexibility to modify the structure of the related cells’ paths by using the cellsFrom field in the ./devshell.toml.

Getting started

  • with docker/podman
docker pull ghcr.io/gtrunsec/tenzir-devshell-users:latest
git clone https://github.com/GTrunSec/tenzir-users-devops-template
cd tenzir-users-devops-template
docker run --platform linux/amd64 -it -v "$(pwd):/work" --entrypoint bash ghcr.io/gtrunsec/tenzir-devshell-users:latest
podman run --platform linux/amd64 -it -v "$(pwd):/work" --userns=keep-id --entrypoint bash ghcr.io/gtrunsec/tenzir-devshell-users:latest
  • with nix-direnv
direnv allow

Concepts

auto-importing/merging

The final output files are automatically generated and stored in the that folder.

If the sysmon.yaml file exists within the user directory, then automatic merging the data with source and generating the final file into the generated-sysmon.yaml.

make sure, you have set the source, data and output fields correctly.

# upstream's schema data
source: "/schema/concepts/sysmon.yaml"
# your own data
data:
- concept:
  ...