artin/sourcegraph
1
0
Fork 0
mirror of https://github.com/sourcegraph/sourcegraph.git synced 2026-02-06 19:51:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
main
sourcegraph/cmd/appliance
History
Craig Furman bcb2e16d0b
feat(appliance): optionally load pinned releases file (#64441) 
**chore(appliance): version list obtained from backend**

Instead of calling release registry directly from the frontend. This
commit is just preparation for a fallback mechanism for users that do
not want the external dependency on release registry.



**feat(appliance): optionally load pinned releases file**

Instead of calling release registry. This is a fallback mechanism for
airgap users.



**feat(appliance): respect pinned release versions during self-update**
2024-08-14 09:24:51 +01:00
..
shared feat(appliance): optionally load pinned releases file (#64441) 2024-08-14 09:24:51 +01:00
BUILD.bazel Revert "Revert "refactor: upgrade to rules_oci 2.0 (2nd attempt)"" (#64354) 2024-08-08 09:00:08 +00:00
main.go support fast, simple sg start single-program-experimental-blame-sqs for local dev (#63435) 2024-06-24 21:12:47 +00:00
README.md feat(appliance): admin password gates most pages (#63523) 2024-07-01 21:56:23 +00:00

README.md

Appliance

Appliance provides a platform for configuration and automation of Sourcegraph deployments and administration in a Kubernetes environment. This allows users to easily setup and configure Sourcegraph in their environment as well as more easily manage administration tasks such as upgrades.

Architecture

Appliance runs as a standard Kubernetes Deployment and utilizes Kubernetes controller-runtime in order to manage deployment and administration tasks.

Own

For more information or for help, see the Release Team.

Development

You can kick the tires on the appliance version by running:

go run ./cmd/appliance

config.go is the source of truth on appliance configuration. Most of the variables there are optional, except for:

  • APPLIANCE_VERSION: while this does have a default that does not need to be overridden in production, development builds that lack the link-time injected version information will need to set this. Set it to the latest version of Sourcegraph that you want to be offered.

You might want to override the listen addresses to localhost-only, in order to avoid macos firewall popups.

The appliance doesn't care if it's running inside or out of the k8s cluster it's provisioning resources into. It does a well-known k8s config dance to try to load in-cluster config (from a k8s ServiceAccount token), falling back on looking for a kubeconfig on the host

If you have some kubernetes running (e.g. minikube, docker desktop), and your default context is set in ~/.kube/config, the appliance will build a k8s client using that kubeconfig, and everything should "just work".

You must set an admin password, e.g:

SG_APPLIANCE_PW=$(pwgen -s 40 1)
echo -e "Your Sourcegraph appliance password is:\n\n${SG_APPLIANCE_PW}\n"
kubectl -n test create secret generic appliance-password --from-literal password="${SG_APPLIANCE_PW}"

On first boot the appliance will hash that password, transpose it to another backing secret, and delete the secret you just created.

To reset the appliance password:

kubectl -n test delete secret appliance-data

And then create the password again as per the above instructions.

See development.md for more information, including about automated testing.