chore: adding clarification on Validating bundles prior to update

cloudbees-oss · Oct 17, 2024 · 46293e7 · 46293e7
1 parent 56835b4
commit 46293e7
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/blueprints/02-at-scale/README.md b/blueprints/02-at-scale/README.md
@@ -167,6 +167,8 @@ If the command is successful, no output is returned.
 
 ### CloudBees CI
 
+#### Authentication and authorization
+
 1. Complete the steps to [validate CloudBees CI](../01-getting-started/README.md#cloudbees-ci), if you have not done so already.
 1. Authentication in this blueprint is based on LDAP using the `cn` user (available in [k8s/openldap-stack-values.yml](./k8s/openldap-stack-values.yml)) and the global password. The authorization level defines a set of permissions configured using [RBAC](https://docs.cloudbees.com/docs/cloudbees-ci/latest/cloud-secure-guide/rbac). Additionally, the operations center and controller use [single sign-on (SS0)](https://docs.cloudbees.com/docs/cloudbees-ci/latest/cloud-secure-guide/using-sso), including a [fallback mechanism](https://docs.cloudbees.com/docs/cloudbees-ci-kb/latest/operations-center/how-ldap-plugin-works-on-cjoc-sso-context) that is enabled by default. Issue the following command to retrieve the global password (valid for all users):
 
@@ -176,6 +178,8 @@ If the command is successful, no output is returned.
 
    There are differences in CloudBees CI permissions and folder restrictions when signed in as a user of the Admin group versus the Development group. For example, only Admin users have access to the agent validation jobs.
 
+#### Configuration as Code (CasC)
+
 1. CasC is enabled for the [operations center](https://docs.cloudbees.com/docs/cloudbees-ci/latest/casc-oc/) (`cjoc`) and [controllers](https://docs.cloudbees.com/docs/cloudbees-ci/latest/casc-controller/) (`team-b` and `team-c-ha`). `team-a` is not using CasC, to illustrate the difference between the two approaches. Issue the following command to verify that all controllers are running:
 
    ```sh
@@ -190,6 +194,8 @@ If the command is successful, no output is returned.
    eval $(terraform output --raw cbci_controller_c_hpa)
    ```
 
+1. [Validating bundles prior to update](https://docs.cloudbees.com/docs/cloudbees-ci/latest/casc-oc/update-bundle#_validating_bundles_prior_to_update) is orchestrated via `validate-all-casc-bundles` jobs using as parameters API Token from admin user `admin_cbci_a` (see [builds](#builds) section) and the branch to validate.
+
 #### Secrets management
 
 ##### Kubernetes secret