Alexander Noskov f08a454b45 Uplift k8s API server and fix 'No API token' issue
After enablement of etcd encryption in https://review.opendev.org/628290 for
promenade, bootstrap-armada pod should be run with
'--experimental-encryption-provider-config' service parameter to avoid issue:
'ERROR: No API token found for service account "airship-ucp-ceph-osd-test"'

Change-Id: Ib9bf1fa7333874b2d88db84019b26a2691a7d18a
2019-07-09 15:29:55 +00:00

51 lines
1.1 KiB
YAML

---
schema: deckhand/DataSchema/v1
metadata:
schema: metadata/Control/v1
name: promenade/EncryptionPolicy/v1
labels:
application: promenade
data:
$schema: http://json-schema.org/schema#
definitions:
script_encryption:
oneof:
- { $ref: '#/definitions/encryption_method_gpg' }
etcd_encryption:
type: array
items:
type: object
additionalProperties: false
properties:
resources:
type: array
items:
type: string
providers:
type: array
items:
type: object
additionalProperties: true
encryption_method_gpg:
properties:
gpg:
type: object
additionalProperties: false
required:
- gpg
additionalProperties: false
properties:
etcd:
$ref: '#/definitions/etcd_encryption'
scripts:
properties:
genesis:
$ref: '#/definitions/script_encryption'
join:
$ref: '#/definitions/script_encryption'
additionalProperties: false
...