a7e332f9ec
Added 2 phases: 1. secret-reencrypt - This phase can be used to reecnrypt the existing secrets with new key. To do so SOPS_IMPORT_PGP must contain old public key and new private key (but may also include other data). SOPS_PGP_FP must contain fingerprint of new private key. 2. secret-show - This phase may be useful for some users that need to see what generated by secret-generate phase. Disabled SOPS debug by default. To enable it back run commands with env variable DEBUG_SOPS_GPG=true Change-Id: Id7fe13d6943d386577df25dba4aaa83e62e58980
282 lines
6.3 KiB
YAML
282 lines
6.3 KiB
YAML
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: initinfra-ephemeral
|
|
clusterName: ephemeral-cluster
|
|
config:
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: KubernetesApply
|
|
name: kubernetes-apply
|
|
documentEntryPoint: ephemeral/initinfra
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: initinfra-networking-ephemeral
|
|
clusterName: ephemeral-cluster
|
|
config:
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: KubernetesApply
|
|
name: kubernetes-apply-nowait
|
|
documentEntryPoint: ephemeral/initinfra-networking
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: controlplane-ephemeral
|
|
clusterName: ephemeral-cluster
|
|
config:
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: KubernetesApply
|
|
name: kubernetes-apply
|
|
documentEntryPoint: ephemeral/controlplane
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: initinfra-target
|
|
clusterName: target-cluster
|
|
config:
|
|
cluster: target-cluster
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: KubernetesApply
|
|
name: kubernetes-apply
|
|
documentEntryPoint: target/initinfra
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: initinfra-networking-target
|
|
clusterName: target-cluster
|
|
config:
|
|
cluster: target-cluster
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: KubernetesApply
|
|
name: kubernetes-apply-nowait
|
|
documentEntryPoint: target/initinfra-networking
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: controlplane-target
|
|
clusterName: target-cluster
|
|
config:
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: KubernetesApply
|
|
name: kubernetes-apply
|
|
documentEntryPoint: target/controlplane
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: workers-target
|
|
clusterName: target-cluster
|
|
config:
|
|
cluster: target-cluster
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: KubernetesApply
|
|
name: kubernetes-apply
|
|
documentEntryPoint: target/workers
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: workers-classification
|
|
clusterName: target-cluster
|
|
config:
|
|
cluster: target-cluster
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: KubernetesApply
|
|
name: kubernetes-apply
|
|
documentEntryPoint: target/workers/provision
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: clusterctl-init-ephemeral
|
|
clusterName: ephemeral-cluster
|
|
config:
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Clusterctl
|
|
name: clusterctl_init
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: clusterctl-init-target
|
|
clusterName: target-cluster
|
|
config:
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Clusterctl
|
|
name: clusterctl_init
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: clusterctl-move
|
|
clusterName: target-cluster
|
|
config:
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Clusterctl
|
|
name: clusterctl_move
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: workload-target
|
|
clusterName: target-cluster
|
|
config:
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: KubernetesApply
|
|
name: kubernetes-apply
|
|
documentEntryPoint: target/workload
|
|
---
|
|
# This phase triggers the deployment of an ephemeral cluster
|
|
# on Azure Cloud platform
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: ephemeral-az-genesis
|
|
config:
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: BootConfiguration
|
|
name: ephemeral-az-genesis
|
|
---
|
|
# This phase triggers the deletion of an ephemeral cluster
|
|
# on Azure Cloud platform
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: ephemeral-az-cleanup
|
|
config:
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: BootConfiguration
|
|
name: ephemeral-az-cleanup
|
|
---
|
|
# This phase triggers the deployment of an ephemeral cluster
|
|
# on Google Cloud platform
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: ephemeral-gcp-genesis
|
|
config:
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: BootConfiguration
|
|
name: ephemeral-gcp-genesis
|
|
---
|
|
# This phase triggers the deletion of an ephemeral cluster
|
|
# on Google Cloud platform
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: ephemeral-gcp-cleanup
|
|
config:
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: BootConfiguration
|
|
name: ephemeral-gcp-cleanup
|
|
---
|
|
# This phase triggers the deployment of an ephemeral cluster
|
|
# on Openstack
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: ephemeral-os-genesis
|
|
config:
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: BootConfiguration
|
|
name: ephemeral-os-genesis
|
|
---
|
|
# This phase triggers the deletion of an ephemeral cluster
|
|
# on Openstack
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: ephemeral-os-cleanup
|
|
config:
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: BootConfiguration
|
|
name: ephemeral-os-cleanup
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: secret-generate
|
|
config:
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
name: encrypter
|
|
documentEntryPoint: target/generator
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: secret-show
|
|
config:
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
name: decrypter
|
|
documentEntryPoint: target/generator/results
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: secret-reencrypt
|
|
config:
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
name: encrypter
|
|
documentEntryPoint: target/generator/results
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: remotedirect-ephemeral
|
|
config:
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: BaremetalManager
|
|
name: RemoteDirectEphemeral
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: iso-cloud-init-data
|
|
config:
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
name: iso-cloud-init-data
|
|
documentEntryPoint: ephemeral/bootstrap
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Phase
|
|
metadata:
|
|
name: iso-build-image
|
|
config:
|
|
executorRef:
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
name: iso-build-image
|
|
documentEntryPoint: empty
|