airship
/
treasuremap
Code Issues Proposed changes
treasuremap/manifests/function/dex-aio/replacements/update-dex.yaml

171 lines
4.5 KiB
YAML
Raw Blame History

apiVersion: airshipit.org/v1alpha1
kind: ReplacementTransformer
metadata:
name: k8scontrol-cluster-dex-replacements
annotations:
config.kubernetes.io/function: |-
container:
image: localhost/replacement-transformer
replacements:
- source:
objref:
kind: VariableCatalogue
name: generated-secrets
fieldref: "{.dex.oidc.clientSecret}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.params.oidc.client_secret}"]
- source:
objref:
kind: VariableCatalogue
name: imported-secrets
fieldref: "{.dex.ldap.target-cluster.bind_password}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.params.ldap.bind_password}"]
### DEX - API SERVER/OIDC INTEGRATION ###
# Dex sitename, e.g., dex-virtual-airship-core
- source:
objref:
kind: VariableCatalogue
name: utility-treasuremap
fieldref: "{.spec.dex.site}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.params.site.name}"]
# Dex hostname, e.g., dex.function.local
- source:
objref:
kind: VariableCatalogue
name: utility-treasuremap
fieldref: "{.spec.dex.hostname}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.params.endpoints.hostname}"]
# Dex NodePort port number, e.g., 32556. MUST be between [30000 - 32767]
- source:
objref:
kind: VariableCatalogue
name: utility-treasuremap
fieldref: "{.spec.dex.nodeport}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.params.endpoints.port.https}"]
# Dex client id, e.g., function-kubernetes
- source:
objref:
kind: VariableCatalogue
name: utility-treasuremap
fieldref: "{.spec.dex.client-id}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.params.oidc.client_id}"]
### DEX-AIO IMAGES ###
# Dex image
- source:
objref:
kind: VersionsCatalogue
name: versions-treasuremap
fieldref: "{.spec.image_components.dex-aio.dex.tag}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.images.applications.dex.tag}"]
- source:
objref:
kind: VersionsCatalogue
name: versions-treasuremap
fieldref: "{.spec.image_components.dex-aio.dex.name}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.images.applications.dex.name}"]
- source:
objref:
kind: VersionsCatalogue
name: versions-treasuremap
fieldref: "{.spec.image_components.dex-aio.dex.repository}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.images.applications.dex.repo}"]
# NGINX image
- source:
objref:
kind: VersionsCatalogue
name: versions-treasuremap
fieldref: "{.spec.image_components.dex-aio.nginx.tag}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.images.applications.nginx.tag}"]
- source:
objref:
kind: VersionsCatalogue
name: versions-treasuremap
fieldref: "{.spec.image_components.dex-aio.nginx.name}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.images.applications.nginx.name}"]
- source:
objref:
kind: VersionsCatalogue
name: versions-treasuremap
fieldref: "{.spec.image_components.dex-aio.nginx.repository}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.images.applications.nginx.repo}"]
# Authenticator image
- source:
objref:
kind: VersionsCatalogue
name: versions-treasuremap
fieldref: "{.spec.image_components.dex-aio.authenticator.tag}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.images.applications.authenticator.tag}"]
- source:
objref:
kind: VersionsCatalogue
name: versions-treasuremap
fieldref: "{.spec.image_components.dex-aio.authenticator.name}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.images.applications.authenticator.name}"]
- source:
objref:
kind: VersionsCatalogue
name: versions-treasuremap
fieldref: "{.spec.image_components.dex-aio.authenticator.repository}"
target:
objref:
kind: HelmRelease
name: dex-aio
fieldrefs: ["{.spec.values.images.applications.authenticator.repo}"]
View Git Blame Copy Permalink