Collaboration
Development Profiles
A Development Profile is a simple manifest file that defines a specific set of reproducible Codezero commands. This allows developers to easily get several commands running for the tasks at hand without having to remember all the command line parameters for the command line tool. Just record a series of commands to create a Development Profile to be used later to rerun those commands again.
Overview
A development profile creates a specific development scenario. For instance, a developer may want to teleport their machine into a cluster and intercept a particular service. A development profile remembers the parameters required so that the developer doesn't have to remember them to recreate a scenario when they want to debug something.
Getting Started
Creating a Development Profile is as simple as using czctl
just as you would normally, but appending the --save-profile [filename]
flag.
See Codezero Overview and Installing Codezero for more information on getting started with the CLI.
Examples
A development profile is created through running CLI commands with a --save-profile flag:
czctl teleport namespace sample-project --save-profile dev-profile.yaml
After running the command, you should see output similar to "Command has been saved to a Development Profile: (dev-profile.yaml)".
If you are running the command from a directory with a .codezero
directory, a profile file will automatically be created and placed in a folder inside .codezero/develop/
.
czctl env deployment -n sample-project sample-project-core env.sh --save-profile dev-profile2.yaml
Development Profiles are still under active development and are subject to change.
Appending More
Commands can be added by running another command and saving to the same profile with a "save-profile-mode" flag with the value "append". Other values for this flag are 'create' amd 'replace'.
czctl intercept service sample-project-core -n sample-project -l 3010 --save-profile dev-profile.yaml --save-profile-mode append
If you forget this flag, the CLI will ask you if you are appending or replacing the contents of the Development Profile file.
czctl mount deployment -n sample-project sample-project-core ./mnt --save-profile dev-profile.yaml
? This profile already exists. What would you like to do with the existing profile? (Use arrow keys)
❯ append
replace
Sharing a Profile
We recommend storing session profiles in the folder .codezero/develop/
at the root of your code repository as the Codezero desktop application looks at this folder to find profiles and profiles can be shared among the development team more easily this way.
Running a Profile
Currently, running a Development Profiles is best accomplished via the Desktop app. First launch the Desktop application and load a workspace by selecting your current project directory (the directory that contains a .codezero folder). This will automatically search for all Development Profiles located in the .codezero/develop/
folder of this workspace.
Securely Sharing Contexts
A kubeconfig context provides access to a Kubernetes cluster, and should be protected. When working in a team of developers, however, there may be a need to share a context amongst team members so that developers using the Codezero CLI or Desktop app can run commands against a common cluster.
Typically only a limited number of people have access to download a cluster's kubeconfig, so this presents a problem for giving developers the kubeconfig contexts they need, while not introducing security vulnerabilities.
With Codezero developers can request an encrypted context from the cluster admin so that contexts can be shared safely and securely over unsecure channels.
A cluster's kubeconfig should never be shared unencrypted. Anyone with the kubeconfig will have access to the cluster.
Requesting a Context
The developer who does not have access to download a cluster's kubeconfig can use the Desktop app or the CLI to request an encypted context.
Using the Desktop App
- Click on the Codezero system tray icon and select Contexts -> Request Context.
- You will be presented with a screen containing your public key. The associated private key is stored securely in a local database.
- Copy or download your public key.
- Send the public key to your cluster admin and wait for them to generate and send you back an encrypted context.
- Once you have an encrypted context you can add it using the Desktop app or the CLI.
Using the CLI
You can use Codezero CLI's context request
command to save your public key to file or copy it to your clipboard. See the command reference for more details.
Generating and Sharing an Encrypted Context
A cluster administrator who has permission to download a cluster's kubeconfig can generate an encypted context for sharing over an unsecure channel like IM or email.
Using the Desktop App
- Recieve a public key from the developer needing cluster access.
- Click on the Codezero system tray icon and select Contexts -> Share Context.
- You will be presented with a screen where you will need to paste in or upload the public key, and also paste in or upload the un-encypted context.
- Click the "Encrypt" button.
- An encypted context will be generated and presented on the next screen. Copy or download the encrypted context and share with the developer owning the associated public key.
Using the CLI
You can use Codezero CLI's context share
command to generate an encrypted context. See the command reference for more details.