Generate certificates

First generate a self signed rsa key and certificate that the server can use for TLS.

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /tmp/dt.key -out /tmp/dt.crt -subj "/CN=dependency-track-apiserver.dependency-track/O=dependency-track-apiserver.dependency-track"

Create a dependency-track application running in a kubernetes cluster

Create a secret for ingress.

kubectl create ns dependency-track
kubectl create secret tls dtsecret --key /tmp/dt.key --cert /tmp/dt.crt -n dependency-track

Deploy nginx ingress controller

helm upgrade --install ingress-nginx ingress-nginx \
  --repo https://kubernetes.github.io/ingress-nginx \
  --namespace ingress-nginx --create-namespace

Deploy dependency-track

helm repo add evryfs-oss https://evryfs.github.io/helm-charts/
helm install dependency-track evryfs-oss/dependency-track --namespace dependency-track --create-namespace -f values.yaml
kubectl apply -f dependency-track.ingress.yaml

Get dependency-track API server LoadBalancer IP

API_SERVICE_IP=$(kubectl get svc -n dependency-track dependency-track-apiserver -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo $API_SERVICE_IP
34.69.242.184

Update API_BASE_URL env var in `values.yaml` with `$API_SERVICE_IP` value

example for API_SERVICE_IP=34.69.242.184:

    - name: API_BASE_URL
      value: "http://34.69.242.184:80"

Upgrade dependency-track to include new values

helm upgrade dependency-track evryfs-oss/dependency-track --namespace dependency-track --create-namespace -f values.yaml
kubectl apply -f dependency-track.ingress.yaml

Get ingress LoadBalancer IP

INGRESSGATEWAY_SERVICE_IP=$(kubectl get svc -n ingress-nginx ingress-nginx-controller -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo $INGRESSGATEWAY_SERVICE_IP
34.135.8.34

Add a dns record in `/etc/hosts` for the nginx LB IP

example for INGRESSGATEWAY_SERVICE_IP=34.135.8.34

$ cat /etc/hosts
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting.  Do not change this entry.
##
127.0.0.1	localhost
255.255.255.255	broadcasthost
::1             localhost
# Added by Docker Desktop
# To allow the same kube context to work on the host and the container:
127.0.0.1 kubernetes.docker.internal
# End of section
34.135.8.34 dependency-track-apiserver.dependency-track

Test with curl

curl -vvv -k https://dependency-track-apiserver.dependency-track/api/version

Test scan command

Extract API Key (https://docs.dependencytrack.org/integrations/rest-api/)

kubectl -n dependency-track port-forward svc/dependency-track-frontend 7777:80 &
Browse to http://localhost:7777 (admin:admin)
Go to Administration-->Access Management-->Teams and get an API Key

Ingress (replace `XXX` with your API key)

SCANNER_DEPENDENCY_TRACK_INSECURE_SKIP_VERIFY=true \
SCANNER_DEPENDENCY_TRACK_DISABLE_TLS=false \
SCANNER_DEPENDENCY_TRACK_HOST=dependency-track-apiserver.dependency-track \
SCANNER_DEPENDENCY_TRACK_API_KEY=XXX \
./bin/kubeclarity scan sbom.cyclonedx  -i sbom -o sbom-result.json

Localhost (replace `XXX` with your API key)

k -n dependency-track port-forward svc/dependency-track-apiserver 8081:80

SCANNER_DEPENDENCY_TRACK_DISABLE_TLS=true \
SCANNER_DEPENDENCY_TRACK_HOST=localhost:8081 \
SCANNER_DEPENDENCY_TRACK_API_KEY=XXX \
./bin/kubeclarity scan sbom.cyclonedx  -i sbom -o sbom-result.json

Cleanup

helm uninstall dependency-track -n dependency-track
helm uninstall ingress-nginx -n ingress-nginx
kubectl delete ns dependency-track ingress-nginx

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

Generate certificates

Create a dependency-track application running in a kubernetes cluster

Create a secret for ingress.

Deploy nginx ingress controller

Deploy dependency-track

Get dependency-track API server LoadBalancer IP

Update API_BASE_URL env var in `values.yaml` with `$API_SERVICE_IP` value

Upgrade dependency-track to include new values

Get ingress LoadBalancer IP

Add a dns record in `/etc/hosts` for the nginx LB IP

Test with curl

Test scan command

Extract API Key (https://docs.dependencytrack.org/integrations/rest-api/)

Ingress (replace `XXX` with your API key)

Localhost (replace `XXX` with your API key)

Cleanup

Files

README.md

Latest commit

History

README.md

File metadata and controls

Generate certificates

Create a dependency-track application running in a kubernetes cluster

Create a secret for ingress.

Deploy nginx ingress controller

Deploy dependency-track

Get dependency-track API server LoadBalancer IP

Update API_BASE_URL env var in values.yaml with $API_SERVICE_IP value

Upgrade dependency-track to include new values

Get ingress LoadBalancer IP

Add a dns record in /etc/hosts for the nginx LB IP

Test with curl

Test scan command

Extract API Key (https://docs.dependencytrack.org/integrations/rest-api/)

Ingress (replace XXX with your API key)

Localhost (replace XXX with your API key)

Cleanup

Update API_BASE_URL env var in `values.yaml` with `$API_SERVICE_IP` value

Add a dns record in `/etc/hosts` for the nginx LB IP

Ingress (replace `XXX` with your API key)

Localhost (replace `XXX` with your API key)