8dba799c18
This phase builded on top of generic executor container.
It uses kustomize generator to generate secrets
and SOPS function to encrypt secrets.
Usage:
1. `curl -fsSL -o key.asc https://raw.githubusercontent.com/mozilla/sops/master/pgp/sops_functional_tests_key.asc`
Copy existing key from sops project
2. `export SOPS_IMPORT_PGP="$(cat key.asc)" && export SOPS_PGP_FP="FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4"`
3. `airshipctl phase run secret-generate`
It will generate and encrypt secret in
manifests/site/test-site/target/generator/results/generated/
4. `KUSTOMIZE_PLUGIN_HOME=$(pwd)/manifests SOPS_IMPORT_PGP=$(cat key.asc) kustomize build --enable_alpha_plugins
manifests/site/test-site/target/catalogues/ > output.txt`
It will decrypt encrypted secret
Co-authored-by: Alexey Odinokov <aodinokov@mirantis.com>
Change-Id: I1682d71b7805eb36c407e712dcb747de799bc8bb
Relates-To: #379
42 lines
846 B
YAML
42 lines
846 B
YAML
apiVersion: builtin
|
|
kind: PatchStrategicMergeTransformer
|
|
metadata:
|
|
name: smp
|
|
patches: |-
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: VariableCatalogue
|
|
metadata:
|
|
name: host-catalogue
|
|
$patch: delete
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: VariableCatalogue
|
|
metadata:
|
|
name: host-generation-catalogue
|
|
$patch: delete
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: VariableCatalogue
|
|
metadata:
|
|
name: networking
|
|
$patch: delete
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: VariableCatalogue
|
|
metadata:
|
|
name: env-vars-catalogue
|
|
$patch: delete
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: VariableCatalogue
|
|
metadata:
|
|
name: versions-airshipctl
|
|
$patch: delete
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: VariableCatalogue
|
|
metadata:
|
|
name: password-secret
|
|
$patch: delete
|