Dex/API server and Catalogue Support for Subcluster
Relates-To: #136 Change-Id: I6d14f6cc976d3f8a174e2d083425a970f59dcd92
This commit is contained in:
parent
1da8f2cc03
commit
13ab3564e7
|
@ -5,3 +5,4 @@ resources:
|
||||||
- ../../../../function/treasuremap-base-catalogues
|
- ../../../../function/treasuremap-base-catalogues
|
||||||
- subcluster-networking.yaml
|
- subcluster-networking.yaml
|
||||||
- vm-networking.yaml
|
- vm-networking.yaml
|
||||||
|
- utility-subcluster.yaml
|
|
@ -0,0 +1,12 @@
|
||||||
|
apiVersion: airshipit.org/v1alpha1
|
||||||
|
kind: VariableCatalogue
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
airshipit.org/deploy-k8s: "false"
|
||||||
|
name: utility-subcluster
|
||||||
|
spec:
|
||||||
|
dex:
|
||||||
|
oidc_issuer: https://dex.utilitysub.local:30556/dex
|
||||||
|
hostname: dex.utilitysub.local
|
||||||
|
client-id: utility-kubernetes
|
||||||
|
site: dex-utility-site
|
|
@ -1,4 +1,5 @@
|
||||||
resources:
|
resources:
|
||||||
- ../../../../../function/dex-aio
|
- ../../../../../function/dex-aio
|
||||||
- sipcluster.yaml
|
- sipcluster.yaml
|
||||||
|
- ../../../../sub-cluster/provide-infra/
|
||||||
namespace: lma-infra
|
namespace: lma-infra
|
|
@ -68,6 +68,16 @@ replacements:
|
||||||
# NOTE: The SIPCluster CR accepts multiple infra service definitions,
|
# NOTE: The SIPCluster CR accepts multiple infra service definitions,
|
||||||
# but we only deploy one instance of each.
|
# but we only deploy one instance of each.
|
||||||
fieldrefs: ["{.spec.services.loadBalancerWorker[0].nodePort}"]
|
fieldrefs: ["{.spec.services.loadBalancerWorker[0].nodePort}"]
|
||||||
|
- source:
|
||||||
|
objref:
|
||||||
|
kind: VariableCatalogue
|
||||||
|
name: imported-secrets
|
||||||
|
fieldref: "{.dex.ldap.sub-cluster.bind_password}"
|
||||||
|
target:
|
||||||
|
objref:
|
||||||
|
kind: HelmRelease
|
||||||
|
name: dex-aio
|
||||||
|
fieldrefs: ["{.spec.values.params.ldap.bind_password}"]
|
||||||
- source:
|
- source:
|
||||||
objref:
|
objref:
|
||||||
kind: VariableCatalogue
|
kind: VariableCatalogue
|
||||||
|
@ -78,3 +88,37 @@ replacements:
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
name: dex-aio
|
name: dex-aio
|
||||||
fieldrefs: ["{.values.params.endpoints.port.https}"]
|
fieldrefs: ["{.values.params.endpoints.port.https}"]
|
||||||
|
### DEX - API SERVER/OIDC INTEGRATION ###
|
||||||
|
# Dex sitename
|
||||||
|
- source:
|
||||||
|
objref:
|
||||||
|
kind: VariableCatalogue
|
||||||
|
name: utility-subcluster
|
||||||
|
fieldref: "{.spec.dex.site}"
|
||||||
|
target:
|
||||||
|
objref:
|
||||||
|
kind: HelmRelease
|
||||||
|
name: dex-aio
|
||||||
|
fieldrefs: ["{.spec.values.params.site.name}"]
|
||||||
|
# Dex hostname
|
||||||
|
- source:
|
||||||
|
objref:
|
||||||
|
kind: VariableCatalogue
|
||||||
|
name: utility-subcluster
|
||||||
|
fieldref: "{.spec.dex.hostname}"
|
||||||
|
target:
|
||||||
|
objref:
|
||||||
|
kind: HelmRelease
|
||||||
|
name: dex-aio
|
||||||
|
fieldrefs: ["{.spec.values.params.endpoints.hostname}"]
|
||||||
|
# Dex client id
|
||||||
|
- source:
|
||||||
|
objref:
|
||||||
|
kind: VariableCatalogue
|
||||||
|
name: utility-subcluster
|
||||||
|
fieldref: "{.spec.dex.client-id}"
|
||||||
|
target:
|
||||||
|
objref:
|
||||||
|
kind: HelmRelease
|
||||||
|
name: dex-aio
|
||||||
|
fieldrefs: ["{.spec.values.params.oidc.client_id}"]
|
|
@ -1,4 +1,5 @@
|
||||||
resources:
|
resources:
|
||||||
- ../../../../../function/dex-aio
|
- ../../../../../function/dex-aio
|
||||||
- sipcluster.yaml
|
- sipcluster.yaml
|
||||||
|
- ../../../../sub-cluster/provide-infra/
|
||||||
namespace: wordpress-infra
|
namespace: wordpress-infra
|
|
@ -56,6 +56,16 @@ replacements:
|
||||||
# NOTE: The SIPCluster CR accepts multiple infra service definitions,
|
# NOTE: The SIPCluster CR accepts multiple infra service definitions,
|
||||||
# but we only deploy one instance of each.
|
# but we only deploy one instance of each.
|
||||||
fieldrefs: ["{.spec.services.loadBalancerWorker[0].nodePort}"]
|
fieldrefs: ["{.spec.services.loadBalancerWorker[0].nodePort}"]
|
||||||
|
- source:
|
||||||
|
objref:
|
||||||
|
kind: VariableCatalogue
|
||||||
|
name: imported-secrets
|
||||||
|
fieldref: "{.dex.ldap.sub-cluster.bind_password}"
|
||||||
|
target:
|
||||||
|
objref:
|
||||||
|
kind: HelmRelease
|
||||||
|
name: dex-aio
|
||||||
|
fieldrefs: ["{.spec.values.params.ldap.bind_password}"]
|
||||||
- source:
|
- source:
|
||||||
objref:
|
objref:
|
||||||
kind: VariableCatalogue
|
kind: VariableCatalogue
|
||||||
|
@ -66,3 +76,37 @@ replacements:
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
name: dex-aio
|
name: dex-aio
|
||||||
fieldrefs: ["{.values.params.endpoints.port.https}"]
|
fieldrefs: ["{.values.params.endpoints.port.https}"]
|
||||||
|
### DEX - API SERVER/OIDC INTEGRATION ###
|
||||||
|
# Dex sitename
|
||||||
|
- source:
|
||||||
|
objref:
|
||||||
|
kind: VariableCatalogue
|
||||||
|
name: utility-subcluster
|
||||||
|
fieldref: "{.spec.dex.site}"
|
||||||
|
target:
|
||||||
|
objref:
|
||||||
|
kind: HelmRelease
|
||||||
|
name: dex-aio
|
||||||
|
fieldrefs: ["{.spec.values.params.site.name}"]
|
||||||
|
# Dex hostname
|
||||||
|
- source:
|
||||||
|
objref:
|
||||||
|
kind: VariableCatalogue
|
||||||
|
name: utility-subcluster
|
||||||
|
fieldref: "{.spec.dex.hostname}"
|
||||||
|
target:
|
||||||
|
objref:
|
||||||
|
kind: HelmRelease
|
||||||
|
name: dex-aio
|
||||||
|
fieldrefs: ["{.spec.values.params.endpoints.hostname}"]
|
||||||
|
# Dex client id
|
||||||
|
- source:
|
||||||
|
objref:
|
||||||
|
kind: VariableCatalogue
|
||||||
|
name: utility-subcluster
|
||||||
|
fieldref: "{.spec.dex.client-id}"
|
||||||
|
target:
|
||||||
|
objref:
|
||||||
|
kind: HelmRelease
|
||||||
|
name: dex-aio
|
||||||
|
fieldrefs: ["{.spec.values.params.oidc.client_id}"]
|
||||||
|
|
Loading…
Reference in New Issue