Agent Tools Configuration

Configuration for the tools used by Remediator Agent

The following configurations can be used when creating the ToolConfig CR. These will be referenced from the Remediator CR.

GitHub

Installing the Nirmata app:

  1. Configure the Nirmata app in your organization and provide access to the application repositories.
  2. Review the required permissions and grant access.
  3. To obtain the private key, reach out to the Nirmata team.

Create a Kubernetes secret to store the private key.

kubectl create secret generic github-app-secret \
  --from-file=private-key.pem="/path/to/pem/file" \
  --from-literal=webhook-secret="mysecret" \
  --namespace=nirmata

Create the ToolConfig CR.

apiVersion: serviceagents.nirmata.io/v1alpha1
kind: ToolConfig
metadata:
  name: toolconfig-sample
  namespace: nirmata
spec:
  type: github
  credentials:
    method: app
    app:
      appId: APP_ID
      privateKeySecretRef:
        name: github-app-secret
        namespace: nirmata
        key: private-key.pem

Using Personal Access Token

Create a Kubernetes secret in the nirmata namespace with your GitHub Personal Access Token (PAT).

kubectl create secret generic github-pat-token \
  --from-literal=token=GITHUB_PAT_TOKEN \
  --namespace nirmata

Create the ToolConfig CR.

apiVersion: serviceagents.nirmata.io/v1alpha1
kind: ToolConfig
metadata:
  name: toolconfig-sample
  namespace: nirmata
spec:
  type: github
  credentials:
    method: pat
    pat:
      secretRef:
        name: github-pat-token
        namespace: nirmata
        key: token

GitLab

Using Personal Access Token

Create a Kubernetes secret in the nirmata namespace with your GitLab Personal Access Token (PAT).

kubectl create secret generic gitlab-pat-token \
  --from-literal=token=GITLAB_PAT_TOKEN \
  --namespace=nirmata

Create the ToolConfig CR.

apiVersion: serviceagents.nirmata.io/v1alpha1
kind: ToolConfig
metadata:
  name: toolconfig-sample
  namespace: nirmata
spec:
  type: gitlab
  credentials:
    method: pat
    pat:
      secretRef:
        name: gitlab-pat-token
        namespace: nirmata
        key: token

Advanced Settings

Specifying PR defaults:

Use spec.defaults to specify any default behavior during PR creation. The following customizations are supported:

defaults:
  prBranchPrefix: "remediation-"
  prTitleTemplate: "[Auto-Remediation] Fix policy violations: "
  commitMessageTemplate: "Auto-fix: Remediate policy violations: "