END BLOG

batleforc · Jul 30, 2023 · 28025b4 · 28025b4
1 parent 9af9275
commit 28025b4
Showing 1 changed file with 33 additions and 1 deletion.
diff --git a/blog/2023-07-29-v3.md b/blog/2023-07-29-v3.md
@@ -16,6 +16,38 @@ The goal is stil the same, having a fully automated kubernetes cluster, with a G
 
 ### Auth me now
 
-One of the most nerf wrecking change was to kick out the old auth system Keycloak and replace it with Zitadel.
+One of the most nerf wrecking change was to kick out the old auth system [Keycloak](https://www.keycloak.org/) and replace it with [Zitadel](https://zitadel.com/).
 
 Why the change ? Zitadel bring the hability to [fully automate](https://github.com/users/batleforc/projects/7/views/1?pane=issue&itemId=34063201) (except SAML) the auth process and to create each application with a terraform "CronJob".
+
+The pros of automating the auth process is that you dont need to create each thing by hand, and you can easily create a new application with a simple terraform file. And you are sure that whats automated will be the source of truth thought time.
+
+At the moment i didn't find any cons, except for the huge amout of ram that [CochroachDB](https://www.cockroachlabs.com/) need to run when considering Keycloak use Postgresql. (The saml part is not a cons, it's just not implemented yet).
+
+### Automate me
+
+With the new auth system, i was able to automate the oidc setup for each application. But by discovering Zitadel, i also discoverd [Terraform](https://www.terraform.io/).
+
+It allow me to:
+
+- Automate the oidc setup for each application (Grafana, Gitea, Harbor, WIP: Sonarqube, Oauth2Proxy, ...)
+- Automate Harbor (Project, Robot account, Configuration, ...)
+- Automate some simple step (creation of Kubeconfig)
+- Automate Sonarqube (WIP)
+- Automate Minio (WIP)
+
+### Upgrade
+
+Well we need everything to be up to date, so i upgraded everything to the latest version available like
+
+- Gitea (need to be done manually, because each upgrade break everything) (1.18 -> 1.20)
+- Tekton (Just an upgrade of the CRD)
+- Harbor (automated)
+- Haproxy (0.14.2 -> 0.14.4)
+- CertManager
+- Tempo (replace Jaeger because it's easier to use)
+- Flux (0.41.2 -> 2.0.1)
+
+### Next to do
+
+While i was upgrading everything it become obvious that i need to upgrade my use of Github. Then i moved from the old Github Dashboard to [the new one](https://github.com/users/batleforc/projects/7/views/1). Event if i wasn't writing the doc, i was still working on the project and updating the dashboard and issues.