From 4f05c7b729c138148a8ed6e898af892b72f0df38 Mon Sep 17 00:00:00 2001 From: Matt McEuen Date: Fri, 18 Jun 2021 14:41:34 -0500 Subject: [PATCH] Split out k8scontrol oidc patching Prior to this change, VRRP setup and Dex setup was bundled into the same k8scontrol-ha function. However, subclusters will require Dex *without* VRRP, so this change splits them up, into a k8scontrol-oidc (used directly by the subcluster) and k8scontrol-ha (which will inherit from k8scontrol-oidc). Change-Id: Ib55871353f24be031a7bb1cc4550f0db3ad5aff2 Closes: 182 --- .../function/k8scontrol-ha/kustomization.yaml | 18 ++++-------------- .../replacements/kustomization.yaml | 3 +-- .../dex-ca-cert-secret.yaml | 0 .../k8scontrol-oidc/kustomization.yaml | 19 +++++++++++++++++++ .../oidc-apiserver-ca-cert.json | 0 .../oidc-apiserver-extra-args.yaml | 0 .../replacements/kustomization.yaml | 3 +++ .../replacements/update-dex.yaml | 0 .../controlplane/kustomization.yaml | 2 ++ 9 files changed, 29 insertions(+), 16 deletions(-) rename manifests/function/{k8scontrol-ha => k8scontrol-oidc}/dex-ca-cert-secret.yaml (100%) create mode 100644 manifests/function/k8scontrol-oidc/kustomization.yaml rename manifests/function/{k8scontrol-ha => k8scontrol-oidc}/oidc-apiserver-ca-cert.json (100%) rename manifests/function/{k8scontrol-ha => k8scontrol-oidc}/oidc-apiserver-extra-args.yaml (100%) create mode 100644 manifests/function/k8scontrol-oidc/replacements/kustomization.yaml rename manifests/function/{k8scontrol-ha => k8scontrol-oidc}/replacements/update-dex.yaml (100%) diff --git a/manifests/function/k8scontrol-ha/kustomization.yaml b/manifests/function/k8scontrol-ha/kustomization.yaml index f572c7b81..8967b5041 100644 --- a/manifests/function/k8scontrol-ha/kustomization.yaml +++ b/manifests/function/k8scontrol-ha/kustomization.yaml @@ -1,25 +1,15 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -resources: - - ../../../../airshipctl/manifests/function/k8scontrol - - dex-ca-cert-secret.yaml - namespace: target-infra +resources: + - ../k8scontrol-oidc + patches: - - target: - group: controlplane.cluster.x-k8s.io - version: v1alpha3 - kind: KubeadmControlPlane - path: oidc-apiserver-ca-cert.json - target: group: controlplane.cluster.x-k8s.io version: v1alpha3 kind: KubeadmControlPlane path: vrrp_keepalived_patch.yaml - - target: - group: controlplane.cluster.x-k8s.io - version: v1alpha3 - kind: KubeadmControlPlane - path: oidc-apiserver-extra-args.yaml + diff --git a/manifests/function/k8scontrol-ha/replacements/kustomization.yaml b/manifests/function/k8scontrol-ha/replacements/kustomization.yaml index 488d4922c..b43e0d9ae 100644 --- a/manifests/function/k8scontrol-ha/replacements/kustomization.yaml +++ b/manifests/function/k8scontrol-ha/replacements/kustomization.yaml @@ -1,4 +1,3 @@ resources: - - ../../../../../airshipctl/manifests/function/k8scontrol/replacements + - ../../k8scontrol-oidc/replacements - networking-ha.yaml - - update-dex.yaml diff --git a/manifests/function/k8scontrol-ha/dex-ca-cert-secret.yaml b/manifests/function/k8scontrol-oidc/dex-ca-cert-secret.yaml similarity index 100% rename from manifests/function/k8scontrol-ha/dex-ca-cert-secret.yaml rename to manifests/function/k8scontrol-oidc/dex-ca-cert-secret.yaml diff --git a/manifests/function/k8scontrol-oidc/kustomization.yaml b/manifests/function/k8scontrol-oidc/kustomization.yaml new file mode 100644 index 000000000..cfbd5557d --- /dev/null +++ b/manifests/function/k8scontrol-oidc/kustomization.yaml @@ -0,0 +1,19 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - ../../../../airshipctl/manifests/function/k8scontrol + - dex-ca-cert-secret.yaml + +patches: + - target: + group: controlplane.cluster.x-k8s.io + version: v1alpha3 + kind: KubeadmControlPlane + path: oidc-apiserver-ca-cert.json + - target: + group: controlplane.cluster.x-k8s.io + version: v1alpha3 + kind: KubeadmControlPlane + path: oidc-apiserver-extra-args.yaml + diff --git a/manifests/function/k8scontrol-ha/oidc-apiserver-ca-cert.json b/manifests/function/k8scontrol-oidc/oidc-apiserver-ca-cert.json similarity index 100% rename from manifests/function/k8scontrol-ha/oidc-apiserver-ca-cert.json rename to manifests/function/k8scontrol-oidc/oidc-apiserver-ca-cert.json diff --git a/manifests/function/k8scontrol-ha/oidc-apiserver-extra-args.yaml b/manifests/function/k8scontrol-oidc/oidc-apiserver-extra-args.yaml similarity index 100% rename from manifests/function/k8scontrol-ha/oidc-apiserver-extra-args.yaml rename to manifests/function/k8scontrol-oidc/oidc-apiserver-extra-args.yaml diff --git a/manifests/function/k8scontrol-oidc/replacements/kustomization.yaml b/manifests/function/k8scontrol-oidc/replacements/kustomization.yaml new file mode 100644 index 000000000..d2a53570a --- /dev/null +++ b/manifests/function/k8scontrol-oidc/replacements/kustomization.yaml @@ -0,0 +1,3 @@ +resources: + - ../../../../../airshipctl/manifests/function/k8scontrol/replacements + - update-dex.yaml diff --git a/manifests/function/k8scontrol-ha/replacements/update-dex.yaml b/manifests/function/k8scontrol-oidc/replacements/update-dex.yaml similarity index 100% rename from manifests/function/k8scontrol-ha/replacements/update-dex.yaml rename to manifests/function/k8scontrol-oidc/replacements/update-dex.yaml diff --git a/manifests/type/sub-cluster/controlplane/kustomization.yaml b/manifests/type/sub-cluster/controlplane/kustomization.yaml index 5b192f5ec..a7d2b00d1 100644 --- a/manifests/type/sub-cluster/controlplane/kustomization.yaml +++ b/manifests/type/sub-cluster/controlplane/kustomization.yaml @@ -2,6 +2,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ../../../../../airshipctl/manifests/function/k8scontrol + # Switch to this once we want to add Dex back in + #- ../../../function/k8scontrol-oidc patchesJson6902: - target: