docs: update readme

README.md

@@ -1 +1,101 @@
-# a.-common-hosted-clamav-service
+# Common Hosted ClamAV Service
+
+## Docker
+
+To address `clamav` user requirements for the official `ClamAV` container images, we have developed and deployed an `unprivileged` version of ClamAV container images using `GitHub Packages`. This mitigates privilege issues on Openshift.
+
+- See [Dockerfile](docker/Dockerfile) for more detailed information about the Docker container.
+- See [Build and Publish ClamAV Image](.github/workflows/publish-clamav.yml) to understand the build pipeline.
+- See [clamav-unprivileged](https://github.com/bcgov/common-hosted-clamav-service/pkgs/container/clamav-unprivileged) to find the list of published images.
+
+## Helm
+
+We utilize Helm charts to deploy ClamAV instances and related Kubernetes resources on Openshift clusters.
+
+### Deployments
+
+- If you are deploying from your local station, follow these steps:
+
+  1. Log in to the target Openshift cluster:
+
+  ```sh
+  oc login --token=sha256~abcdef --server=https://api.<cluster>.devops.gov.bc.ca:6443
+  ```
+
+  2. Navigate to the main Helm directory:
+
+  ```sh
+  cd helm/main
+  ```
+
+  3. Install/upgrade Helm deployments using `Make` commands:
+
+  ```sh
+  make upgrade NAMESPACE=<namespace> IMAGE_TAG=<clamav-image-tag>
+  ```
+
+  - Refer to [clamav-unprivileged](https://github.com/bcgov/common-hosted-clamav-service/pkgs/container/clamav-unprivileged) for the list of published images.
+
+- If you want to deploy via `GitHub UI` using workflow dispatch, follow these steps:
+
+  1. Navigate to the `Deploy ClamAV` GitHub workflow dispatch.
+
+     - https://github.com/bcgov/common-hosted-clamav-service/actions/workflows/deploy.yml
+
+  2. Click the `Run workflow` button on the right.
+  3. Select the target environment for ClamAV deployment.
+  4. Enter the image tag version.
+
+  - Refer to [clamav-unprivileged](https://github.com/bcgov/common-hosted-clamav-service/pkgs/container/clamav-unprivileged) for the list of published images.
+
+  5. Click the `Run workflow` green button in the popup.
+
+## Load Testing
+
+To run load testing jobs on Openshift clusters, we build and deploy the load-testing container image using `GitHub Packages`.
+
+- See [Dockerfile](load-testing/Dockerfile) for detailed information about the Docker container.
+- See [Build and Publish ClamAV Image](.github/workflows/publish-clamav-load-testing.yml) to understand the build pipeline.
+- See [clamav-load-testing](https://github.com/bcgov/common-hosted-clamav-service/pkgs/container/clamav-load-testing) to find the list of published images.
+
+### Deployments
+
+- Please follow the steps below:
+
+  1. Log in to the target Openshift cluster where you want to run the load testing:
+
+  ```sh
+  oc login --token=sha256~abcdef --server=https://api.<cluster>.devops.gov.bc.ca:6443
+  ```
+
+  2. Navigate to the load-testing directory:
+
+  ```sh
+  cd load-testing
+  ```
+
+  3. Create the load testing Job:
+
+  ```sh
+  kubectl apply -f job.yaml
+  ```
+
+  - You may want to update the target ClamAV host environment variable `CLAMAV_HOST`
+
+  4. Delete the load testing Job:
+
+  ```sh
+  kubectl delete -f job.yaml
+  ```
+
+## OC Deployers
+
+We utilize Terraform to generate the `Openshift service account token` for use in GitHub pipelines.
+
+- See [oc-deployers - README.md](./oc-deployers/README.md) for detailed information and instructions.
+
+## Network Policies
+
+We utilize Terraform to configure `Openshift Network Policies` for managing access to ClamAV instances.
+
+- See [network-policies - README.md](./network-policies/README.md) for detailed information and instructions.

network-policies/README.md

@@ -0,0 +1,33 @@
+# Openshift Network Policy Provision
+
+In order to implement `configuration as code` and simplify the process of configuring Openshift Network Policies for managing access to ClamAV instances, we rely on a powerful tool called [Terraform](https://www.terraform.io/).
+
+## Procedure
+
+1. Go to the target environment directory:
+
+   ```sh
+   cd <cluster-name>/<environment>
+   ```
+
+2. Create a file that includes the necessary information to establish access to the target environment:
+   ```sh
+   cat <<EOF > <license-plate>.tf
+   module "<license-plate>" {
+     source        = "./network-policy"
+     license_plate = "<license-plate>"
+   }
+   EOF
+   ```
+
+- Example
+
+  ```sh
+  cd silver/dev
+  cat <<EOF > abcdef.tf
+  module "abcdef" {
+  source        = "./network-policy"
+  license_plate = "abcdef"
+  }
+  EOF
+  ```

oc-deployers/README.md

@@ -1,18 +1,24 @@
 # Openshift Deployment with Terraform
 
-In order to implement `configuration as code` and streamline the process of creating an Openshift service account token for `GitHub Actions` to deploy k8s resources on an Openshift cluster, we utilize a tool called [Terraform](https://www.terraform.io/).
+In order to implement `configuration as code` and streamline the process of creating an `Openshift service account token` for `GitHub Actions` to deploy k8s resources on an Openshift cluster, we utilize a tool called [Terraform](https://www.terraform.io/).
 
 ## Procedure
 
-1. Initialize the working directory that contains the Terraform configuration files:
+1. Go to the target namespace directory:
+
+   ```sh
+   cd <namespace>
+   ```
+
+2. Initialize the working directory containing the Terraform configuration files:
    ```sh
    terraform init
    ```
-2. Preview the changes that Terraform intends to apply to your infrastructure:
+3. Preview the changes Terraform intends to make to your infrastructure:
    ```sh
    terraform plan
    ```
-3. Execute the actions specified in the Terraform plan:
+4. Execute the actions specified in the Terraform plan:
    ```sh
    terraform apply
    ```