Procedure
- Create secrets with the registration token.Create secrets using the following commands: (replace _your-v1-registration-token_ using your v1-registration token):
kubectl create namespace visionone-filesecurity kubectl create secret generic token-secret --from-literal=registration-token="_your-v1-registration-token_" -n visionone-filesecurity kubectl create secret generic device-token-secret -n visionone-filesecurity
- Download the Helm chart containing the scanner from the GitHub repository:
helm repo add visionone-filesecurity https://trendmicro.github.io/visionone-file-security-helm/ helm repo update
- If you wish you can verify that the helm chart has been signed and is valid:Download the public key file and import
curl -o public-key.asc https://trendmicro.github.io/visionone-file-security-helm/public-key.asc gpg --import public-key.asc
WARNING
The GnuPG v2 stores your secret keyring using a new format kbx on the default location ~/.gnupg/pubring.kbx. Please use the following command to convert your keyring to the legacy gpg format (Reference: Helm Provenance and Integrity)Verify that the chart has been signed and is validhelm pull --verify visionone-filesecurity/visionone-filesecurity
- Install the Helm Chart:Install the chart with the release name
my-releasehelm install my-release visionone-filesecurity/visionone-filesecurity -n visionone-filesecurity
- Download and install a File Security SDK or the File Security CLI.
- Verify that the scanner is working using the CLI.
Note
If you installed an SDK instead of the CLI, you can also verify if the scanner is running using the installed SDK. For more information see File Security SDK- Scan file from another pod using Trend Micro File Security CLI with service name as
endpoint:
./tmfs scan file:./eicar.com.txt --tls=false --endpoint=my-release-visionone-filesecurity-scanner:50051
- Scan file from another pod using Trend Micro File Security CLI with service name as
endpoint: