Dex/API server and Catalogue Support for Subcluster
Relates-To: #136 Change-Id: I6d14f6cc976d3f8a174e2d083425a970f59dcd92
This commit is contained in:
parent
1da8f2cc03
commit
13ab3564e7
|
@ -5,3 +5,4 @@ resources:
|
|||
- ../../../../function/treasuremap-base-catalogues
|
||||
- subcluster-networking.yaml
|
||||
- vm-networking.yaml
|
||||
- utility-subcluster.yaml
|
|
@ -0,0 +1,12 @@
|
|||
apiVersion: airshipit.org/v1alpha1
|
||||
kind: VariableCatalogue
|
||||
metadata:
|
||||
labels:
|
||||
airshipit.org/deploy-k8s: "false"
|
||||
name: utility-subcluster
|
||||
spec:
|
||||
dex:
|
||||
oidc_issuer: https://dex.utilitysub.local:30556/dex
|
||||
hostname: dex.utilitysub.local
|
||||
client-id: utility-kubernetes
|
||||
site: dex-utility-site
|
|
@ -1,4 +1,5 @@
|
|||
resources:
|
||||
- ../../../../../function/dex-aio
|
||||
- sipcluster.yaml
|
||||
- ../../../../sub-cluster/provide-infra/
|
||||
namespace: lma-infra
|
|
@ -68,6 +68,16 @@ replacements:
|
|||
# NOTE: The SIPCluster CR accepts multiple infra service definitions,
|
||||
# but we only deploy one instance of each.
|
||||
fieldrefs: ["{.spec.services.loadBalancerWorker[0].nodePort}"]
|
||||
- source:
|
||||
objref:
|
||||
kind: VariableCatalogue
|
||||
name: imported-secrets
|
||||
fieldref: "{.dex.ldap.sub-cluster.bind_password}"
|
||||
target:
|
||||
objref:
|
||||
kind: HelmRelease
|
||||
name: dex-aio
|
||||
fieldrefs: ["{.spec.values.params.ldap.bind_password}"]
|
||||
- source:
|
||||
objref:
|
||||
kind: VariableCatalogue
|
||||
|
@ -78,3 +88,37 @@ replacements:
|
|||
kind: HelmRelease
|
||||
name: dex-aio
|
||||
fieldrefs: ["{.values.params.endpoints.port.https}"]
|
||||
### DEX - API SERVER/OIDC INTEGRATION ###
|
||||
# Dex sitename
|
||||
- source:
|
||||
objref:
|
||||
kind: VariableCatalogue
|
||||
name: utility-subcluster
|
||||
fieldref: "{.spec.dex.site}"
|
||||
target:
|
||||
objref:
|
||||
kind: HelmRelease
|
||||
name: dex-aio
|
||||
fieldrefs: ["{.spec.values.params.site.name}"]
|
||||
# Dex hostname
|
||||
- source:
|
||||
objref:
|
||||
kind: VariableCatalogue
|
||||
name: utility-subcluster
|
||||
fieldref: "{.spec.dex.hostname}"
|
||||
target:
|
||||
objref:
|
||||
kind: HelmRelease
|
||||
name: dex-aio
|
||||
fieldrefs: ["{.spec.values.params.endpoints.hostname}"]
|
||||
# Dex client id
|
||||
- source:
|
||||
objref:
|
||||
kind: VariableCatalogue
|
||||
name: utility-subcluster
|
||||
fieldref: "{.spec.dex.client-id}"
|
||||
target:
|
||||
objref:
|
||||
kind: HelmRelease
|
||||
name: dex-aio
|
||||
fieldrefs: ["{.spec.values.params.oidc.client_id}"]
|
|
@ -1,4 +1,5 @@
|
|||
resources:
|
||||
- ../../../../../function/dex-aio
|
||||
- sipcluster.yaml
|
||||
- ../../../../sub-cluster/provide-infra/
|
||||
namespace: wordpress-infra
|
|
@ -56,6 +56,16 @@ replacements:
|
|||
# NOTE: The SIPCluster CR accepts multiple infra service definitions,
|
||||
# but we only deploy one instance of each.
|
||||
fieldrefs: ["{.spec.services.loadBalancerWorker[0].nodePort}"]
|
||||
- source:
|
||||
objref:
|
||||
kind: VariableCatalogue
|
||||
name: imported-secrets
|
||||
fieldref: "{.dex.ldap.sub-cluster.bind_password}"
|
||||
target:
|
||||
objref:
|
||||
kind: HelmRelease
|
||||
name: dex-aio
|
||||
fieldrefs: ["{.spec.values.params.ldap.bind_password}"]
|
||||
- source:
|
||||
objref:
|
||||
kind: VariableCatalogue
|
||||
|
@ -66,3 +76,37 @@ replacements:
|
|||
kind: HelmRelease
|
||||
name: dex-aio
|
||||
fieldrefs: ["{.values.params.endpoints.port.https}"]
|
||||
### DEX - API SERVER/OIDC INTEGRATION ###
|
||||
# Dex sitename
|
||||
- source:
|
||||
objref:
|
||||
kind: VariableCatalogue
|
||||
name: utility-subcluster
|
||||
fieldref: "{.spec.dex.site}"
|
||||
target:
|
||||
objref:
|
||||
kind: HelmRelease
|
||||
name: dex-aio
|
||||
fieldrefs: ["{.spec.values.params.site.name}"]
|
||||
# Dex hostname
|
||||
- source:
|
||||
objref:
|
||||
kind: VariableCatalogue
|
||||
name: utility-subcluster
|
||||
fieldref: "{.spec.dex.hostname}"
|
||||
target:
|
||||
objref:
|
||||
kind: HelmRelease
|
||||
name: dex-aio
|
||||
fieldrefs: ["{.spec.values.params.endpoints.hostname}"]
|
||||
# Dex client id
|
||||
- source:
|
||||
objref:
|
||||
kind: VariableCatalogue
|
||||
name: utility-subcluster
|
||||
fieldref: "{.spec.dex.client-id}"
|
||||
target:
|
||||
objref:
|
||||
kind: HelmRelease
|
||||
name: dex-aio
|
||||
fieldrefs: ["{.spec.values.params.oidc.client_id}"]
|
||||
|
|
Loading…
Reference in New Issue