From 50cdb1d2ba781d75eb11ff2a2255742afab0854d Mon Sep 17 00:00:00 2001 From: Sven Strittmatter Date: Fri, 7 Feb 2025 12:35:10 +0100 Subject: [PATCH 1/2] #1452 Remove Vagrant All-in-One Setup Since Apple Silicon Vagrant is not really usable on macOS. Also this feature was used seldom. So we remove this instead of fixing it. Signed-off-by: Sven Strittmatter --- .gitignore | 1 - Vagrantfile | 58 ------------- bin/install-minikube.sh | 87 ------------------- bin/npm-ci-all.sh | 1 - .../docs/getting-started/installation.md | 20 +---- 5 files changed, 1 insertion(+), 166 deletions(-) delete mode 100644 Vagrantfile delete mode 100755 bin/install-minikube.sh diff --git a/.gitignore b/.gitignore index d72e14a3d0..319b8baa31 100644 --- a/.gitignore +++ b/.gitignore @@ -11,7 +11,6 @@ megalinter-reports/ **/__pycache__ **/.pytest_cache **/.asciinema -.vagrant **/*.log **/*.monopic .s3_credentials diff --git a/Vagrantfile b/Vagrantfile deleted file mode 100644 index 75a6648ff2..0000000000 --- a/Vagrantfile +++ /dev/null @@ -1,58 +0,0 @@ -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -# -# All in one Vagrant box for the secureCodeBox. -# - -Vagrant.configure("2") do |config| - base_dir = File.dirname(__FILE__) - - config.vm.box = "debian/bullseye64" - config.vm.hostname = "securecodebox" - - # We use the same defaults like Docker Desktop. - memory = 2048 - cpus = 2 - - config.vm.provider :virtualbox do |c| - # https://www.vagrantup.com/docs/providers/virtualbox/configuration - c.memory = memory - c.cpus = cpus - end - - config.vm.provider :vmware_desktop do |c| - # https://www.vagrantup.com/docs/providers/vmware/configuration - c.vmx["memsize"] = memory - c.vmx["numvcpus"] = cpus - end - - config.vm.provider :hyperv do |c| - # https://www.vagrantup.com/docs/providers/hyperv/configuration - c.memory = memory - c.cpus = cpus - end - - config.vm.provider :libvirt do |c| - # https://github.com/vagrant-libvirt/vagrant-libvirt - c.memory = memory - c.cpus = cpus - end - - config.vm.provision :shell, path: "#{base_dir}/bin/install-minikube.sh" - # Using sudo -g to run the command w/ newly created group from installation w/o the need of relogin. - # Redirecting STDERR to /dev/null because Minikube print download progress - # for the images to STDERR which clutters up the Vagrant output w/ error output! - config.vm.provision :shell, privileged: false, inline: "sudo -g docker minikube start 2>/dev/null" - # Install everything from secureCodeBox via install script. - # Hint: The directory where the Vagrantfile lives is mapped into the box under the path /vagrant. - config.vm.provision :shell, privileged: false, inline: "sudo -g docker /vagrant/bin/install.sh --all" - - # Do not automatically install VirtualBox guest additions, if available. - # Because this would take lot of time with additional reboot. - # Necessary for environments w/ guest additions available. - if Vagrant.has_plugin?("vagrant-vbguest") - config.vbguest.no_install = true - end -end diff --git a/bin/install-minikube.sh b/bin/install-minikube.sh deleted file mode 100755 index 4588fbcf6b..0000000000 --- a/bin/install-minikube.sh +++ /dev/null @@ -1,87 +0,0 @@ -#!/usr/bin/env bash - -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -# -# Install the Minikube setup in the all-in-one Vagrant box. -# -# IMPORTANT: This script must be executed as root. -# - -set -eu - -export DEBIAN_FRONTEND="noninteractive" -MINIKUBE_DEB_FILE="minikube_latest_amd64.deb" -MINIKUBE_DEB_PATH="${HOME}/${MINIKUBE_DEB_FILE}" - -cleanup() { - rm -rfv "${MINIKUBE_DEB_PATH}" -} - -# Cleanup stuff on normal exit and interuption. -trap cleanup EXIT -trap cleanup INT - -update_system() { - apt-get update - apt-get upgrade -y - apt-get install -y \ - apt-transport-https \ - ca-certificates \ - gnupg2 \ - curl \ - software-properties-common -} - -# Install Docker as minikube provider (https://docs.docker.com/engine/install/debian/) -add_docker_apt_source() { - add_apt_key "https://download.docker.com/linux/debian/gpg" - add_apt_source "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable" "docker" -} - -# Install kubectl (https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-using-native-package-management) -add_kubectl_apt_source() { - add_apt_key "https://packages.cloud.google.com/apt/doc/apt-key.gpg" - add_apt_source "deb https://apt.kubernetes.io/ kubernetes-xenial main" "kubernetes" -} - -# https://helm.sh/docs/intro/install/ -add_helm_apt_source() { - add_apt_key "https://baltocdn.com/helm/signing.asc" - add_apt_source "deb https://baltocdn.com/helm/stable/debian/ all main" "helm" -} - -add_apt_key() { - local url="${1}" - curl -fsSL "${url}" | apt-key add - -} - -add_apt_source() { - local src="${1}" - local destination="${2}" - echo "${src}" >"/etc/apt/sources.list.d/${destination}.list" -} - -# Install minikube (https://minikube.sigs.k8s.io/docs/start/) -download_and_install_minikube() { - curl -sSLo "${MINIKUBE_DEB_PATH}" "https://storage.googleapis.com/minikube/releases/latest/${MINIKUBE_DEB_FILE}" - dpkg -i "${MINIKUBE_DEB_PATH}" -} - -update_system -add_docker_apt_source -add_kubectl_apt_source -add_helm_apt_source - -apt-get -y update -apt-get install -y \ - docker-ce \ - kubectl \ - helm - -download_and_install_minikube - -systemctl start docker -usermod -a -G docker vagrant diff --git a/bin/npm-ci-all.sh b/bin/npm-ci-all.sh index 09948500f8..c2ecefdf54 100755 --- a/bin/npm-ci-all.sh +++ b/bin/npm-ci-all.sh @@ -25,7 +25,6 @@ PACKAGE_JSON_LIST=$(find "$PROJECT_DIR" \( \ -name .github -o \ -name .idea -o \ -name .reuse -o \ - -name .vagrant -o \ -name .vscode -o \ -name bin -o \ -name docs -o \ diff --git a/documentation/docs/getting-started/installation.md b/documentation/docs/getting-started/installation.md index f34e3d25a9..e711537f15 100644 --- a/documentation/docs/getting-started/installation.md +++ b/documentation/docs/getting-started/installation.md @@ -9,7 +9,7 @@ sidebar_position: 1 path: "docs/getting-started/installation" --- -The secureCodeBox is running on [Kubernetes](https://kubernetes.io/). To install it you need [Helm](https://helm.sh), a package manager for Kubernetes. For your first steps Kubernetes from [Docker Desktop](https://www.docker.com/products/docker-desktop), [Minikube](https://minikube.sigs.k8s.io/docs/) or [KIND](https://kind.sigs.k8s.io/) is sufficient. We also provide a [Vagrant](https://www.vagrantup.com/) based all-in-one installation (see [below](#vagrant-all-in-one-installation)). +The secureCodeBox is running on [Kubernetes](https://kubernetes.io/). To install it you need [Helm](https://helm.sh), a package manager for Kubernetes. For your first steps Kubernetes from [Docker Desktop](https://www.docker.com/products/docker-desktop), [Minikube](https://minikube.sigs.k8s.io/docs/) or [KIND](https://kind.sigs.k8s.io/) is sufficient. First of all you need to install the secureCodeBox Operator which is responsible for starting all security scans. @@ -153,24 +153,6 @@ helm upgrade --install swagger-petstore oci://ghcr.io/securecodebox/helm/swagger These charts will be installed in the `default` namespace, but you can choose the namespace of your choice by adding `--namespace YOURNAMESPACE` to each helm command. ::: -## Vagrant All-in-one Installation - -We provide a [Vagrant](https://www.vagrantup.com/) setup with everything installed (Kubernetes cluster, operator, scanners, hooks, demo applications, etc.). You only need [Vagrant installed](https://www.vagrantup.com/docs/installation) and our main repository to play around with secureCodeBox: - -```bash -git clone https://github.com/secureCodeBox/secureCodeBox.git -cd secureCodeBox -vagrant up -``` - -After this setup has finished just ssh into the vagrant box: - -```bash -vagrant ssh -``` - -Now you can [start with your first scan](/docs/getting-started/first-scans). - ## Troubleshooting ### MinIO Startup Problems From ebf55232dbb7f6b85081787dd147fef0e9baccf3 Mon Sep 17 00:00:00 2001 From: Sven Strittmatter Date: Fri, 7 Feb 2025 12:59:41 +0100 Subject: [PATCH 2/2] #1452 Adds Blog Post About Vagrant Removal Signed-off-by: Sven Strittmatter --- .../2025-02-07-we-remove-vagrant-all-setup.md | 32 +++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 documentation/blog/2025-02-07-we-remove-vagrant-all-setup.md diff --git a/documentation/blog/2025-02-07-we-remove-vagrant-all-setup.md b/documentation/blog/2025-02-07-we-remove-vagrant-all-setup.md new file mode 100644 index 0000000000..3695d5dab5 --- /dev/null +++ b/documentation/blog/2025-02-07-we-remove-vagrant-all-setup.md @@ -0,0 +1,32 @@ +--- +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +title: We Remove Vagrant Setup +author: Sven Strittmatter +author_title: Core Developer +author_url: https://github.com/Weltraumschaf +author_image_url: https://www.gravatar.com/avatar/3fe213284598b5cb69009665902c77a1 +tags: + - eol + - macos +description: We remove the Vagrant All-in-One Setup completely. +--- + +**TL;DR** We remove the Vagrant All-in-One Setup completely. + + + +Since the introduction of Apple Silicon CPUs we couldn't run [Vagrant][vagrant] with [Virtualbox][virtualbox] anymore because Virtualbox is not ported on ARM at the moment. This may change in the future. I've also tried to get Vagrant up and running with other hypervisors (e.g. VMWare, QEMU), but didn't worked out well 😫 + +Since the setup of _secureCodeBox_ with [Minikube][minikube], [Kind][kind] or [Colima][colima] is quite easy we drop Vagrant completely. With Colima, you can also run x86 images easily on arm hist as described in [Run x86 Images With Kubernetes on Apple Silicon][colima-setup]. + +To be honest, using VMs is so 20th century like 😬 + +[vagrant]: https://www.vagrantup.com/ +[virtualbox]: https://www.virtualbox.org/ +[colima]: https://github.com/abiosoft/colima +[colima-setup]: /blog/2024/10/25/run-x86-images-with-kubernetes-on-apple-silicon +[minikube]: https://minikube.sigs.k8s.io/docs/start/?arch=%2Fmacos%2Fx86-64%2Fstable%2Fbinary+download +[kind]: https://kind.sigs.k8s.io/