IBM Cloud Integration

Integrate Toranj with IBM Cloud DevOps and OpenShift

Overview

Toranj integrates with IBM Cloud services including IBM Cloud DevOps, Red Hat OpenShift on IBM Cloud, IBM Container Registry, and Tekton Pipelines to provide enterprise-grade security scanning and continuous monitoring for your cloud-native applications.

Tekton Integration

Cloud-native CI/CD with Tekton Pipelines

OpenShift Security

Enterprise Kubernetes security scanning

DevOps Toolchain

Integrated toolchain with security gates

Prerequisites

Requirements for IBM Cloud integration with Toranj

IBM Cloud Account

Active IBM Cloud account with appropriate permissions

Toranj API Key

Valid API key from Toranj dashboard

IBM Cloud CLI

IBM Cloud CLI with container-service plugin

Kubernetes Cluster

IKS or OpenShift cluster on IBM Cloud

IBM Cloud Setup Script

Automated setup for IBM Cloud environment

setup-ibm-cloud.sh

#!/bin/bash
# IBM Cloud DevOps setup script for Toranj integration

# Set variables
RESOURCE_GROUP="toranj-rg"
CLUSTER_NAME="toranj-cluster"
REGISTRY_NAMESPACE="toranj-security"
REGION="us-south"

# Login to IBM Cloud
echo "Logging into IBM Cloud..."
ibmcloud login --sso

# Target resource group and region
ibmcloud target -g $RESOURCE_GROUP -r $REGION

# Create Container Registry namespace
echo "Creating Container Registry namespace..."
ibmcloud cr namespace-add $REGISTRY_NAMESPACE

# Create IKS cluster (if not exists)
echo "Creating IKS cluster..."
ibmcloud ks cluster create classic --name $CLUSTER_NAME --target $REGION --machine-type b3c.4x16 --workers 3

# Wait for cluster to be ready
echo "Waiting for cluster to be ready..."
ibmcloud ks cluster get --cluster $CLUSTER_NAME

# Get cluster config
echo "Configuring kubectl..."
ibmcloud ks cluster config --cluster $CLUSTER_NAME

# Install Tekton Pipelines
echo "Installing Tekton Pipelines..."
kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml

# Create namespace for Toranj
kubectl create namespace toranj-security

# Create secret for Toranj API key
kubectl create secret generic toranj-credentials \
  --from-literal=api-key="YOUR_GATEMIND_API_KEY" \
  --from-literal=project-id="YOUR_GATEMIND_PROJECT_ID" \
  -n toranj-security

# Create secret for IBM Container Registry
kubectl create secret docker-registry icr-secret \
  --docker-server=us.icr.io \
  --docker-username=iamapikey \
  --docker-password="YOUR_IBM_CLOUD_API_KEY" \
  -n toranj-security

echo "IBM Cloud setup completed!"

Replace placeholder values (YOUR_GATEMIND_API_KEY, YOUR_IBM_CLOUD_API_KEY) with actual credentials before running.