Dex/API server and Catalogue Support for Subcluster

Relates-To: #136
Change-Id: I6d14f6cc976d3f8a174e2d083425a970f59dcd92
This commit is contained in:
sb048x 2021-06-09 17:55:30 +05:30
parent 1da8f2cc03
commit 13ab3564e7
6 changed files with 103 additions and 0 deletions

View File

@ -5,3 +5,4 @@ resources:
- ../../../../function/treasuremap-base-catalogues
- subcluster-networking.yaml
- vm-networking.yaml
- utility-subcluster.yaml

View File

@ -0,0 +1,12 @@
apiVersion: airshipit.org/v1alpha1
kind: VariableCatalogue
metadata:
labels:
airshipit.org/deploy-k8s: "false"
name: utility-subcluster
spec:
dex:
oidc_issuer: https://dex.utilitysub.local:30556/dex
hostname: dex.utilitysub.local
client-id: utility-kubernetes
site: dex-utility-site

View File

@ -1,4 +1,5 @@
resources:
- ../../../../../function/dex-aio
- sipcluster.yaml
- ../../../../sub-cluster/provide-infra/
namespace: lma-infra

View File

@ -68,6 +68,16 @@ replacements:
# NOTE: The SIPCluster CR accepts multiple infra service definitions,
# but we only deploy one instance of each.
fieldrefs: ["{.spec.services.loadBalancerWorker[0].nodePort}"]
- source:
objref:
kind: VariableCatalogue
name: imported-secrets
fieldref: "{.dex.ldap.sub-cluster.bind_password}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.params.ldap.bind_password}"]
- source:
objref:
kind: VariableCatalogue
@ -78,3 +88,37 @@ replacements:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.values.params.endpoints.port.https}"]
### DEX - API SERVER/OIDC INTEGRATION ###
# Dex sitename
- source:
objref:
kind: VariableCatalogue
name: utility-subcluster
fieldref: "{.spec.dex.site}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.params.site.name}"]
# Dex hostname
- source:
objref:
kind: VariableCatalogue
name: utility-subcluster
fieldref: "{.spec.dex.hostname}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.params.endpoints.hostname}"]
# Dex client id
- source:
objref:
kind: VariableCatalogue
name: utility-subcluster
fieldref: "{.spec.dex.client-id}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.params.oidc.client_id}"]

View File

@ -1,4 +1,5 @@
resources:
- ../../../../../function/dex-aio
- sipcluster.yaml
- ../../../../sub-cluster/provide-infra/
namespace: wordpress-infra

View File

@ -56,6 +56,16 @@ replacements:
# NOTE: The SIPCluster CR accepts multiple infra service definitions,
# but we only deploy one instance of each.
fieldrefs: ["{.spec.services.loadBalancerWorker[0].nodePort}"]
- source:
objref:
kind: VariableCatalogue
name: imported-secrets
fieldref: "{.dex.ldap.sub-cluster.bind_password}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.params.ldap.bind_password}"]
- source:
objref:
kind: VariableCatalogue
@ -66,3 +76,37 @@ replacements:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.values.params.endpoints.port.https}"]
### DEX - API SERVER/OIDC INTEGRATION ###
# Dex sitename
- source:
objref:
kind: VariableCatalogue
name: utility-subcluster
fieldref: "{.spec.dex.site}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.params.site.name}"]
# Dex hostname
- source:
objref:
kind: VariableCatalogue
name: utility-subcluster
fieldref: "{.spec.dex.hostname}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.params.endpoints.hostname}"]
# Dex client id
- source:
objref:
kind: VariableCatalogue
name: utility-subcluster
fieldref: "{.spec.dex.client-id}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.params.oidc.client_id}"]