67 lines
2.8 KiB
YAML
67 lines
2.8 KiB
YAML
{{/*
|
|
This manifest results in two secrets being created:
|
|
1) Keystone "etcd" secret, which is needed to access the cluster
|
|
(remote or same cluster) for storing etcd backups. If the
|
|
cluster is remote, the auth_url would be non-null.
|
|
2) Keystone "admin" secret, which is needed to create the "etcd"
|
|
keystone account mentioned above. This may not be needed if the
|
|
account is in a remote cluster (auth_url is non-null in that case).
|
|
*/}}
|
|
|
|
{{- if .Values.backup.remote_backup.enabled }}
|
|
|
|
{{- $envAll := . }}
|
|
{{- $userClass := .Values.service.name | replace "-etcd" "" }}
|
|
{{- $serviceName := $envAll.Values.service.name }}
|
|
{{- $secretName := printf "%s" (index $envAll.Values.secrets.identity $userClass) }}
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: {{ $secretName }}
|
|
type: Opaque
|
|
data:
|
|
{{- $identityClass := index .Values.endpoints.identity.auth $userClass }}
|
|
{{- if $identityClass.auth_url }}
|
|
OS_AUTH_URL: {{ $identityClass.auth_url | b64enc }}
|
|
{{- else }}
|
|
OS_AUTH_URL: {{ tuple "identity" "internal" "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | b64enc }}
|
|
{{- end }}
|
|
OS_REGION_NAME: {{ $identityClass.region_name | b64enc }}
|
|
OS_INTERFACE: {{ $identityClass.interface | default "internal" | b64enc }}
|
|
OS_PROJECT_DOMAIN_NAME: {{ $identityClass.project_domain_name | b64enc }}
|
|
OS_PROJECT_NAME: {{ $identityClass.project_name | b64enc }}
|
|
OS_USER_DOMAIN_NAME: {{ $identityClass.user_domain_name | b64enc }}
|
|
OS_USERNAME: {{ $identityClass.username | b64enc }}
|
|
OS_PASSWORD: {{ $identityClass.password | b64enc }}
|
|
OS_DEFAULT_DOMAIN: {{ $identityClass.default_domain_id | default "default" | b64enc }}
|
|
...
|
|
{{- if .Values.manifests.job_ks_user }}
|
|
{{- $userClass := "admin" }}
|
|
{{- $serviceName := $envAll.Values.service.name }}
|
|
{{- $secretName := printf "%s" (index $envAll.Values.secrets.identity $userClass) }}
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: {{ $secretName }}
|
|
type: Opaque
|
|
data:
|
|
{{- $identityClass := index .Values.endpoints.identity.auth $userClass }}
|
|
{{- if $identityClass.auth_url }}
|
|
OS_AUTH_URL: {{ $identityClass.auth_url | b64enc }}
|
|
{{- else }}
|
|
OS_AUTH_URL: {{ tuple "identity" "internal" "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | b64enc }}
|
|
{{- end }}
|
|
OS_REGION_NAME: {{ $identityClass.region_name | b64enc }}
|
|
OS_INTERFACE: {{ $identityClass.interface | default "internal" | b64enc }}
|
|
OS_PROJECT_DOMAIN_NAME: {{ $identityClass.project_domain_name | b64enc }}
|
|
OS_PROJECT_NAME: {{ $identityClass.project_name | b64enc }}
|
|
OS_USER_DOMAIN_NAME: {{ $identityClass.user_domain_name | b64enc }}
|
|
OS_USERNAME: {{ $identityClass.username | b64enc }}
|
|
OS_PASSWORD: {{ $identityClass.password | b64enc }}
|
|
OS_DEFAULT_DOMAIN: {{ $identityClass.default_domain_id | default "default" | b64enc }}
|
|
...
|
|
{{- end }}
|
|
{{- end }}
|