From 43f8dab09a23c51cb8e95b451ed5e40f992a3fe3 Mon Sep 17 00:00:00 2001 From: Sirajudeen Date: Tue, 12 Jan 2021 16:23:35 +0000 Subject: [PATCH] Fix treasuremap deployment issues. * Fixes validate_docs for treasuremap * Align the secret encryption/decryption changes of airshipctl * Aligning the manifest changes of airshipctl. * Added HWCC. * Replaced helm-operator with flux-helm * Updated node parameters. Relates-To: #77 Closes: #95 Change-Id: I30408de468ac2794703b95a2afc6191908567816 --- manifests/function/ingress/helmrelease.yaml | 31 +++++---- .../function/ingress/helmrepository.yaml | 7 ++ manifests/function/ingress/kustomization.yaml | 1 + .../hostgenerator/kustomization.yaml | 6 +- .../catalogues/cleanup/kustomization.yaml | 3 + .../ephemeral/catalogues/cleanup/smp.yaml | 29 ++++++++ .../hostgenerator/kustomization.yaml | 6 +- .../hostgenerator/kustomization.yaml | 3 +- .../test-site/kubeconfig/kustomization.yaml | 5 ++ .../test-site/kubeconfig/update-target.yaml | 69 +++++++++++++++++++ .../catalogues/cleanup/kustomization.yaml | 3 + .../target/catalogues/cleanup/smp.yaml | 29 ++++++++ .../target/catalogues/kustomization.yaml | 1 + .../catalogues/versions-airshipctl.yaml | 4 +- .../site/test-site/target/generator/README.md | 32 +++++++++ .../target/generator/kustomization.yaml | 2 + .../generator/override/kustomization.yaml | 2 + .../results/cleanup/kustomization.yaml | 2 + .../cleanup/override/kustomization.yaml | 2 + .../configurable-decryption.yaml | 28 ++++++++ .../decrypt-secrets/kustomization.yaml | 2 + .../generator/results/generated/secrets.yaml | 49 +++++++++++++ .../generator/results/kustomization.yaml | 5 ++ .../target/initinfra/kustomization.yaml | 2 + .../workers/hostgenerator/kustomization.yaml | 4 +- .../target/workers/kustomization.yaml | 3 - .../provision/kubeadmconfigtemplate.yaml | 30 ++++++++ .../workers/provision/kustomization.yaml | 11 +++ .../{ => provision}/machinedeployment.yaml | 0 .../provision/metal3machinetemplate.yaml | 10 +++ .../workers/replacements/kustomization.yaml | 4 ++ .../replacements/workers-env-vars.yaml | 41 +++++++++++ .../hostgenerator/kustomization.yaml | 4 +- .../catalogues/cleanup/kustomization.yaml | 3 + .../ephemeral/catalogues/cleanup/smp.yaml | 29 ++++++++ .../hostgenerator/kustomization.yaml | 3 +- .../initinfra-networking/kustomization.yaml | 2 + .../catalogues/cleanup/kustomization.yaml | 3 + .../target/catalogues/cleanup/smp.yaml | 29 ++++++++ .../target/catalogues/kustomization.yaml | 1 + .../target/generator/README.md | 32 +++++++++ .../target/generator/kustomization.yaml | 2 + .../generator/override/kustomization.yaml | 2 + .../results/cleanup/kustomization.yaml | 2 + .../cleanup/override/kustomization.yaml | 2 + .../configurable-decryption.yaml | 28 ++++++++ .../decrypt-secrets/kustomization.yaml | 2 + .../generator/results/generated/secrets.yaml | 49 +++++++++++++ .../generator/results/kustomization.yaml | 5 ++ .../target/generator/secret-template.yaml | 19 +++++ .../initinfra-networking/kustomization.yaml | 2 + .../target/initinfra/kustomization.yaml | 8 +++ .../hostgenerator/host-generation.yaml | 10 +++ .../workers/hostgenerator/kustomization.yaml | 12 ++++ .../patch-delete-catalogues.yaml | 35 ++++++++++ .../target/workers/kustomization.yaml | 4 ++ .../target/workers/nodes/kustomization.yaml | 8 +++ .../provision}/kubeadmconfigtemplate.yaml | 15 ++++ .../workers/provision/kustomization.yaml | 11 +++ .../workers/provision/machinedeployment.yaml | 29 ++++++++ .../provision}/metal3machinetemplate.yaml | 0 .../workers/replacements/kustomization.yaml | 4 ++ .../replacements/workers-env-vars.yaml | 38 ++++++++++ .../target/workload/kustomization.yaml | 2 + .../ephemeral/initinfra/kustomization.yaml | 3 +- .../generator/cleanup/kustomization.yaml | 2 + .../generator/cleanup/secret-cleanup.yaml | 11 +++ .../target/generator/kustomization.yaml | 2 + .../target/generator/secret-template.yaml | 54 +++++++++++++++ .../target/initinfra/kustomization.yaml | 6 +- .../initinfra/replacements/kustomization.yaml | 1 - .../target/workload/kustomization.yaml | 5 +- .../airship-treasuremap-gate-runner.yaml | 22 +++--- playbooks/get-vm-config.yaml | 2 + playbooks/vars/test-config.yaml | 64 ++++++++++++++++- tools/deployment/23_generate_secrets.sh | 29 ++++++++ tools/validate_docs | 8 ++- zuul.d/jobs.yaml | 8 ++- 78 files changed, 994 insertions(+), 44 deletions(-) create mode 100644 manifests/function/ingress/helmrepository.yaml create mode 100644 manifests/site/test-site/ephemeral/catalogues/cleanup/kustomization.yaml create mode 100644 manifests/site/test-site/ephemeral/catalogues/cleanup/smp.yaml create mode 100644 manifests/site/test-site/kubeconfig/update-target.yaml create mode 100644 manifests/site/test-site/target/catalogues/cleanup/kustomization.yaml create mode 100644 manifests/site/test-site/target/catalogues/cleanup/smp.yaml create mode 100644 manifests/site/test-site/target/generator/README.md create mode 100644 manifests/site/test-site/target/generator/kustomization.yaml create mode 100644 manifests/site/test-site/target/generator/override/kustomization.yaml create mode 100644 manifests/site/test-site/target/generator/results/cleanup/kustomization.yaml create mode 100644 manifests/site/test-site/target/generator/results/cleanup/override/kustomization.yaml create mode 100644 manifests/site/test-site/target/generator/results/decrypt-secrets/configurable-decryption.yaml create mode 100644 manifests/site/test-site/target/generator/results/decrypt-secrets/kustomization.yaml create mode 100644 manifests/site/test-site/target/generator/results/generated/secrets.yaml create mode 100644 manifests/site/test-site/target/generator/results/kustomization.yaml create mode 100644 manifests/site/test-site/target/workers/provision/kubeadmconfigtemplate.yaml create mode 100644 manifests/site/test-site/target/workers/provision/kustomization.yaml rename manifests/site/test-site/target/workers/{ => provision}/machinedeployment.yaml (100%) create mode 100644 manifests/site/test-site/target/workers/provision/metal3machinetemplate.yaml create mode 100644 manifests/site/test-site/target/workers/replacements/kustomization.yaml create mode 100644 manifests/site/test-site/target/workers/replacements/workers-env-vars.yaml create mode 100644 manifests/site/virtual-network-cloud/ephemeral/catalogues/cleanup/kustomization.yaml create mode 100644 manifests/site/virtual-network-cloud/ephemeral/catalogues/cleanup/smp.yaml create mode 100644 manifests/site/virtual-network-cloud/ephemeral/initinfra-networking/kustomization.yaml create mode 100644 manifests/site/virtual-network-cloud/target/catalogues/cleanup/kustomization.yaml create mode 100644 manifests/site/virtual-network-cloud/target/catalogues/cleanup/smp.yaml create mode 100644 manifests/site/virtual-network-cloud/target/generator/README.md create mode 100644 manifests/site/virtual-network-cloud/target/generator/kustomization.yaml create mode 100644 manifests/site/virtual-network-cloud/target/generator/override/kustomization.yaml create mode 100644 manifests/site/virtual-network-cloud/target/generator/results/cleanup/kustomization.yaml create mode 100644 manifests/site/virtual-network-cloud/target/generator/results/cleanup/override/kustomization.yaml create mode 100644 manifests/site/virtual-network-cloud/target/generator/results/decrypt-secrets/configurable-decryption.yaml create mode 100644 manifests/site/virtual-network-cloud/target/generator/results/decrypt-secrets/kustomization.yaml create mode 100644 manifests/site/virtual-network-cloud/target/generator/results/generated/secrets.yaml create mode 100644 manifests/site/virtual-network-cloud/target/generator/results/kustomization.yaml create mode 100644 manifests/site/virtual-network-cloud/target/generator/secret-template.yaml create mode 100644 manifests/site/virtual-network-cloud/target/initinfra-networking/kustomization.yaml create mode 100644 manifests/site/virtual-network-cloud/target/initinfra/kustomization.yaml create mode 100644 manifests/site/virtual-network-cloud/target/workers/hostgenerator/host-generation.yaml create mode 100644 manifests/site/virtual-network-cloud/target/workers/hostgenerator/kustomization.yaml create mode 100644 manifests/site/virtual-network-cloud/target/workers/hostgenerator/patch-delete-catalogues.yaml create mode 100644 manifests/site/virtual-network-cloud/target/workers/kustomization.yaml create mode 100644 manifests/site/virtual-network-cloud/target/workers/nodes/kustomization.yaml rename manifests/site/{test-site/target/workers => virtual-network-cloud/target/workers/provision}/kubeadmconfigtemplate.yaml (76%) create mode 100644 manifests/site/virtual-network-cloud/target/workers/provision/kustomization.yaml create mode 100644 manifests/site/virtual-network-cloud/target/workers/provision/machinedeployment.yaml rename manifests/site/{test-site/target/workers => virtual-network-cloud/target/workers/provision}/metal3machinetemplate.yaml (100%) create mode 100644 manifests/site/virtual-network-cloud/target/workers/replacements/kustomization.yaml create mode 100644 manifests/site/virtual-network-cloud/target/workers/replacements/workers-env-vars.yaml create mode 100644 manifests/site/virtual-network-cloud/target/workload/kustomization.yaml create mode 100644 manifests/type/airship-core/target/generator/cleanup/kustomization.yaml create mode 100644 manifests/type/airship-core/target/generator/cleanup/secret-cleanup.yaml create mode 100644 manifests/type/airship-core/target/generator/kustomization.yaml create mode 100644 manifests/type/airship-core/target/generator/secret-template.yaml create mode 100755 tools/deployment/23_generate_secrets.sh diff --git a/manifests/function/ingress/helmrelease.yaml b/manifests/function/ingress/helmrelease.yaml index 03e9d27d4..0905feff2 100644 --- a/manifests/function/ingress/helmrelease.yaml +++ b/manifests/function/ingress/helmrelease.yaml @@ -1,26 +1,33 @@ ---- -apiVersion: "helm.fluxcd.io/v1" +apiVersion: "helm.toolkit.fluxcd.io/v2beta1" kind: HelmRelease metadata: name: ingress spec: - wait: true - timeout: 600 + chart: + spec: + chart: ingress-nginx + version: 3.5.1 + sourceRef: + kind: HelmRepository + name: ingress-nginx + interval: 1m values: + defaultBackend: + enabled: true controller: service: type: NodePort nodePorts: - http: 80 - https: 443 - kind: DaemonSet - hostNetwork: "false" + http: 30000 + https: 30001 nodeSelector: node-role.kubernetes.io/master: "" tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule - chart: - repository: https://kubernetes-charts.storage.googleapis.com - name: nginx-ingress - version: 1.40.1 + # This chart doesn't have any helm tests, but this still runs a noop + # helm test flow, to ensure we can do this. + test: + enable: true + interval: 5m + timeout: 10m diff --git a/manifests/function/ingress/helmrepository.yaml b/manifests/function/ingress/helmrepository.yaml new file mode 100644 index 000000000..71baee4aa --- /dev/null +++ b/manifests/function/ingress/helmrepository.yaml @@ -0,0 +1,7 @@ +apiVersion: source.toolkit.fluxcd.io/v1beta1 +kind: HelmRepository +metadata: + name: ingress-nginx +spec: + url: https://kubernetes.github.io/ingress-nginx + interval: 10m diff --git a/manifests/function/ingress/kustomization.yaml b/manifests/function/ingress/kustomization.yaml index 72552518f..a7803c57e 100644 --- a/manifests/function/ingress/kustomization.yaml +++ b/manifests/function/ingress/kustomization.yaml @@ -1,4 +1,5 @@ resources: - namespace.yaml + - helmrepository.yaml - helmrelease.yaml namespace: ingress diff --git a/manifests/site/test-site/ephemeral/bootstrap/hostgenerator/kustomization.yaml b/manifests/site/test-site/ephemeral/bootstrap/hostgenerator/kustomization.yaml index a88e9926f..a54a977ec 100644 --- a/manifests/site/test-site/ephemeral/bootstrap/hostgenerator/kustomization.yaml +++ b/manifests/site/test-site/ephemeral/bootstrap/hostgenerator/kustomization.yaml @@ -2,9 +2,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ../../../../../../../airshipctl/manifests/function/hostgenerator-m3 + - ../../../../../../../airshipctl/manifests/function/hardwareprofile-example - ../../catalogues/ - host-generation.yaml transformers: - ../../../../../../../airshipctl/manifests/function/hostgenerator-m3/replacements - - patch-delete-catalogues.yaml + - ../../../../../../../airshipctl/manifests/function/hardwareprofile-example/replacements + - ../../../../../../../airshipctl/manifests/function/hostgenerator-m3/cleanup + - ../../catalogues/cleanup + - ../../../../../../../airshipctl/manifests/function/hardwareprofile-example/cleanup diff --git a/manifests/site/test-site/ephemeral/catalogues/cleanup/kustomization.yaml b/manifests/site/test-site/ephemeral/catalogues/cleanup/kustomization.yaml new file mode 100644 index 000000000..db217834b --- /dev/null +++ b/manifests/site/test-site/ephemeral/catalogues/cleanup/kustomization.yaml @@ -0,0 +1,3 @@ +resources: +- smp.yaml +- ../../../target/generator/results/cleanup/ diff --git a/manifests/site/test-site/ephemeral/catalogues/cleanup/smp.yaml b/manifests/site/test-site/ephemeral/catalogues/cleanup/smp.yaml new file mode 100644 index 000000000..5b96bd725 --- /dev/null +++ b/manifests/site/test-site/ephemeral/catalogues/cleanup/smp.yaml @@ -0,0 +1,29 @@ +apiVersion: builtin +kind: PatchStrategicMergeTransformer +metadata: + name: smp +patches: |- + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: host-catalogue + $patch: delete + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: networking + $patch: delete + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: env-vars-catalogue + $patch: delete + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: versions-airshipctl + $patch: delete diff --git a/manifests/site/test-site/ephemeral/controlplane/hostgenerator/kustomization.yaml b/manifests/site/test-site/ephemeral/controlplane/hostgenerator/kustomization.yaml index a88e9926f..a54a977ec 100644 --- a/manifests/site/test-site/ephemeral/controlplane/hostgenerator/kustomization.yaml +++ b/manifests/site/test-site/ephemeral/controlplane/hostgenerator/kustomization.yaml @@ -2,9 +2,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ../../../../../../../airshipctl/manifests/function/hostgenerator-m3 + - ../../../../../../../airshipctl/manifests/function/hardwareprofile-example - ../../catalogues/ - host-generation.yaml transformers: - ../../../../../../../airshipctl/manifests/function/hostgenerator-m3/replacements - - patch-delete-catalogues.yaml + - ../../../../../../../airshipctl/manifests/function/hardwareprofile-example/replacements + - ../../../../../../../airshipctl/manifests/function/hostgenerator-m3/cleanup + - ../../catalogues/cleanup + - ../../../../../../../airshipctl/manifests/function/hardwareprofile-example/cleanup diff --git a/manifests/site/test-site/host-inventory/hostgenerator/kustomization.yaml b/manifests/site/test-site/host-inventory/hostgenerator/kustomization.yaml index 5cfebbcba..df43263af 100644 --- a/manifests/site/test-site/host-inventory/hostgenerator/kustomization.yaml +++ b/manifests/site/test-site/host-inventory/hostgenerator/kustomization.yaml @@ -7,4 +7,5 @@ resources: transformers: - ../../../../../../airshipctl/manifests/function/hostgenerator-m3/replacements - - patchesstrategicmerge.yaml + - ../../../../../../airshipctl/manifests/function/hostgenerator-m3/cleanup + - ../../target/catalogues/cleanup diff --git a/manifests/site/test-site/kubeconfig/kustomization.yaml b/manifests/site/test-site/kubeconfig/kustomization.yaml index d48a7b893..5408ae7e9 100644 --- a/manifests/site/test-site/kubeconfig/kustomization.yaml +++ b/manifests/site/test-site/kubeconfig/kustomization.yaml @@ -1,2 +1,7 @@ resources: - kubeconfig.yaml + - ../target/catalogues + +transformers: + - update-target.yaml + - ../target/catalogues/cleanup diff --git a/manifests/site/test-site/kubeconfig/update-target.yaml b/manifests/site/test-site/kubeconfig/update-target.yaml new file mode 100644 index 000000000..c0da036a8 --- /dev/null +++ b/manifests/site/test-site/kubeconfig/update-target.yaml @@ -0,0 +1,69 @@ +apiVersion: airshipit.org/v1alpha1 +kind: ReplacementTransformer +metadata: + name: k8scontrol-cluster-replacements + annotations: + config.kubernetes.io/function: |- + container: + image: quay.io/airshipit/replacement-transformer:latest +replacements: +- source: + objref: + kind: VariableCatalogue + name: generated-secrets + fieldref: "{.targetKubeconfig.certificate-authority-data}" + target: + objref: + kind: KubeConfig + name: default + fieldrefs: [".config.clusters.[name=target-cluster].cluster.certificate-authority-data"] +- source: + objref: + kind: VariableCatalogue + name: generated-secrets + fieldref: "{.targetKubeconfig.client-certificate-data}" + target: + objref: + kind: KubeConfig + name: default + fieldrefs: [".config.users.[name=target-cluster-admin].user.client-certificate-data"] +- source: + objref: + kind: VariableCatalogue + name: generated-secrets + fieldref: "{.targetKubeconfig.client-key-data}" + target: + objref: + kind: KubeConfig + name: default + fieldrefs: [".config.users.[name=target-cluster-admin].user.client-key-data"] +- source: + objref: + kind: VariableCatalogue + name: generated-secrets + fieldref: "{.ephemeralKubeconfig.certificate-authority-data}" + target: + objref: + kind: KubeConfig + name: default + fieldrefs: [".config.clusters.[name=ephemeral-cluster].cluster.certificate-authority-data"] +- source: + objref: + kind: VariableCatalogue + name: generated-secrets + fieldref: "{.ephemeralKubeconfig.client-certificate-data}" + target: + objref: + kind: KubeConfig + name: default + fieldrefs: [".config.users.[name=ephemeral-cluster-admin].user.client-certificate-data"] +- source: + objref: + kind: VariableCatalogue + name: generated-secrets + fieldref: "{.ephemeralKubeconfig.client-key-data}" + target: + objref: + kind: KubeConfig + name: default + fieldrefs: [".config.users.[name=ephemeral-cluster-admin].user.client-key-data"] diff --git a/manifests/site/test-site/target/catalogues/cleanup/kustomization.yaml b/manifests/site/test-site/target/catalogues/cleanup/kustomization.yaml new file mode 100644 index 000000000..153dfff8b --- /dev/null +++ b/manifests/site/test-site/target/catalogues/cleanup/kustomization.yaml @@ -0,0 +1,3 @@ +resources: +- smp.yaml +- ../../generator/results/cleanup/ diff --git a/manifests/site/test-site/target/catalogues/cleanup/smp.yaml b/manifests/site/test-site/target/catalogues/cleanup/smp.yaml new file mode 100644 index 000000000..5b96bd725 --- /dev/null +++ b/manifests/site/test-site/target/catalogues/cleanup/smp.yaml @@ -0,0 +1,29 @@ +apiVersion: builtin +kind: PatchStrategicMergeTransformer +metadata: + name: smp +patches: |- + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: host-catalogue + $patch: delete + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: networking + $patch: delete + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: env-vars-catalogue + $patch: delete + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: versions-airshipctl + $patch: delete diff --git a/manifests/site/test-site/target/catalogues/kustomization.yaml b/manifests/site/test-site/target/catalogues/kustomization.yaml index c2eedecd0..f284cc319 100644 --- a/manifests/site/test-site/target/catalogues/kustomization.yaml +++ b/manifests/site/test-site/target/catalogues/kustomization.yaml @@ -4,6 +4,7 @@ kind: Kustomization resources: - ../../../../type/airship-core/shared/catalogues - hosts.yaml + - ../generator/results patchesStrategicMerge: - versions-airshipctl.yaml diff --git a/manifests/site/test-site/target/catalogues/versions-airshipctl.yaml b/manifests/site/test-site/target/catalogues/versions-airshipctl.yaml index d41f3c55f..1d7abbd65 100644 --- a/manifests/site/test-site/target/catalogues/versions-airshipctl.yaml +++ b/manifests/site/test-site/target/catalogues/versions-airshipctl.yaml @@ -8,5 +8,5 @@ files: k8scontrol: # Host the image in a locally served location for CI cluster_controlplane_image: - url: http://10.23.24.1:8099/target-image.qcow2 - checksum: http://10.23.24.1:8099/target-image.qcow2.md5sum + url: http://10.23.24.101:80/images/control-plane.qcow2 + checksum: http://10.23.24.101:80/images/control-plane.qcow2.md5sum diff --git a/manifests/site/test-site/target/generator/README.md b/manifests/site/test-site/target/generator/README.md new file mode 100644 index 000000000..633ba6e85 --- /dev/null +++ b/manifests/site/test-site/target/generator/README.md @@ -0,0 +1,32 @@ +# Secrets generator/encrypter/decrypter + +This directory contains an utility that helps generate, encrypt and decrypt +secrects. These secrects can be used anywhere in manifests. + +For example we can use PGP key from SOPS example. +To get the key we need to run: +`curl -fsSL -o key.asc https://raw.githubusercontent.com/mozilla/sops/master/pgp/sops_functional_tests_key.asc` + +and import this key as environment variable: +`export SOPS_IMPORT_PGP="$(cat key.asc)" && export SOPS_PGP_FP="FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4"` + +## Generator + +To generate secrets we use [template](secret-template.yaml) that will be passed +to kustomize as [generators](kustomization.yaml) during `airshipctl phase run secret-generate` +execution. + +## Encrypter + +To encrypt the secrets that have been generated we use generic container executor. +To start the secrets generate phase we need to execute following phase: +`airshipctl phase run secret-generate` +The executor run SOPS container and pass the pre-generated secrets to this container. +This container encrypt the secrets and write it to directory specified in `kustomizeSinkOutputDir`(results/generated). + +## Decrypter + +To decrypt previously encrypted secrets we use [decrypt-secrets.yaml](results/decrypt-secrets.yaml). +It will run the decrypt sops function when we run +`KUSTOMIZE_PLUGIN_HOME=$(pwd)/manifests SOPS_IMPORT_PGP=$(cat key.asc) kustomize build --enable_alpha_plugins +manifests/site/test-site/target/catalogues/` diff --git a/manifests/site/test-site/target/generator/kustomization.yaml b/manifests/site/test-site/target/generator/kustomization.yaml new file mode 100644 index 000000000..dd34750a4 --- /dev/null +++ b/manifests/site/test-site/target/generator/kustomization.yaml @@ -0,0 +1,2 @@ +generators: + - override diff --git a/manifests/site/test-site/target/generator/override/kustomization.yaml b/manifests/site/test-site/target/generator/override/kustomization.yaml new file mode 100644 index 000000000..b72f80116 --- /dev/null +++ b/manifests/site/test-site/target/generator/override/kustomization.yaml @@ -0,0 +1,2 @@ +resources: +- ../../../../../type/airship-core/target/generator/ diff --git a/manifests/site/test-site/target/generator/results/cleanup/kustomization.yaml b/manifests/site/test-site/target/generator/results/cleanup/kustomization.yaml new file mode 100644 index 000000000..6dfa81441 --- /dev/null +++ b/manifests/site/test-site/target/generator/results/cleanup/kustomization.yaml @@ -0,0 +1,2 @@ +resources: +- override diff --git a/manifests/site/test-site/target/generator/results/cleanup/override/kustomization.yaml b/manifests/site/test-site/target/generator/results/cleanup/override/kustomization.yaml new file mode 100644 index 000000000..002f4ac13 --- /dev/null +++ b/manifests/site/test-site/target/generator/results/cleanup/override/kustomization.yaml @@ -0,0 +1,2 @@ +resources: +- ../../../../../../../type/airship-core/target/generator/cleanup/ diff --git a/manifests/site/test-site/target/generator/results/decrypt-secrets/configurable-decryption.yaml b/manifests/site/test-site/target/generator/results/decrypt-secrets/configurable-decryption.yaml new file mode 100644 index 000000000..c6b8f6b15 --- /dev/null +++ b/manifests/site/test-site/target/generator/results/decrypt-secrets/configurable-decryption.yaml @@ -0,0 +1,28 @@ +apiVersion: airshipit.org/v1alpha1 +kind: Templater +metadata: + name: secret-template + annotations: + config.kubernetes.io/function: | + container: + image: quay.io/airshipit/templater:latest + envs: + - TOLERATE_DECRYPTION_FAILURES +template: | + {{- $tolerate := env "TOLERATE_DECRYPTION_FAILURES" }} + apiVersion: v1 + kind: ConfigMap + metadata: + name: my-config2 + annotations: + config.k8s.io/function: | + container: + image: gcr.io/kpt-fn-contrib/sops:v0.1.0 + envs: + - SOPS_IMPORT_PGP + data: + ignore-mac: true + cmd: decrypt + {{- if eq $tolerate "true" }} + cmd-tolerate-failures: true + {{- end }} diff --git a/manifests/site/test-site/target/generator/results/decrypt-secrets/kustomization.yaml b/manifests/site/test-site/target/generator/results/decrypt-secrets/kustomization.yaml new file mode 100644 index 000000000..4a4ef5320 --- /dev/null +++ b/manifests/site/test-site/target/generator/results/decrypt-secrets/kustomization.yaml @@ -0,0 +1,2 @@ +generators: + - configurable-decryption.yaml diff --git a/manifests/site/test-site/target/generator/results/generated/secrets.yaml b/manifests/site/test-site/target/generator/results/generated/secrets.yaml new file mode 100644 index 000000000..17bb49ccc --- /dev/null +++ b/manifests/site/test-site/target/generator/results/generated/secrets.yaml @@ -0,0 +1,49 @@ +apiVersion: airshipit.org/v1alpha1 +ephemeralClusterCa: + crt: 'ENC[AES256_GCM,data:HZtJf820/r8f0YytJeL1X7EXsKL987I1f1gKLoSNHzSFczOi/zXsiRIWCWH6rYn4Z+smlFtAGufvEM8uPJp8ZdGDlV5zHzjOnfMklOB4n5qOEoEKzwhCgxZaQPBw9Jr0SQBVFOKGPiAnOTkkOgfE5FWra/7SkkmgdLbR4MyHar3y88Eumkrqm4qo3RrfVtaSzTWgygtXME7wRnhutbIiA6zxBsgXFpxoaKMgLmwvJpo9PjSxz5CAYq/SN9mKLYGx3Vyr4ovLjtTIorPlQNW+iL3vBLkwhLP41HKYvK5y+rBIxlEU3Gyvd8493lk6Gh55lbgpT45DYaylC6hD+Ec29DdOwFBg9s8yWFHz8rYVElv5a1+RnOfdfnrfYbNk4eanyZH6PBDyzFZ/KRdMEPGFnMVIQ2ngnDLXzCQOBCTjHLb2FlCSWDmNVFSyDx8CAw7ik1AyNgHScfpIdB/cP/ujpDDhJpFioXMD8gSsX+l0dTDRAZo5ZIIRx8gM0446lmHxWjYZM5oT25PW9SDdo+u7L5oc3kMcKXzo2JxQRY+DDXXtz4ZUigh2RGTN764thOoJQA0LXiW/MjuuXqyXHXY9o49EFHsdq3hgq5DDhcRGTg+0pOUoftmCrpZYeHrv7yYnhiwDi0ot/oZQtIi9GWpKgg4uhuK+gN5htQzM6GNbmibgXNSCJPKeG9AMHErLEzI8SfLh+QRz5Oc8NvsTPHw0OigeX2FqW3rTmbsLR/w1mCHy0Y0IEPHrRMDS4HwzpLyWMvjR2RAHx1sA48su/6qRfxOZEhvOvzX/N06WozO4KjkXWH40oUatxyzH9T0SQaw7Y77eH5zh8PPJ1KL+KhtjpxNTP9CZfuJocuskYbXxeGQgKd5Ky76S0pAjgvpCvGCjCb0ltacW7bBFpblashR+ptRxucI05eBVLSjMRJjxtKb41uUVAg5euNeLVx/r+RoFmbna0NCjOKKXm8k85OORfbPOxXCp3zBgz/D3/+2BAdQS3t9LXi1cF0DuAr1165yxZIT2U3/JBBE/wf/d3T7Z9eVSaH00HI8rJCEhg+Dp14CvpjjOIjYkSti9FmhLNOV2S4pjWzDwsLjV5yGQvJJKApm+yL4NcojfUE61jyDC+VFEmOnETcIfF5nghLk8L7QP9su5eRouqr0NboAPFd6K4Ec9GaH28nRSo8IlDDbVqdYYFzVYAn4mTKX6PWdYzKCISPe1BlYPcRiAocOFqDMKCDjxQuVvMnyl8/VRxJXVU7VMU3BoQ+rdp+/P4lFNxaJA9ewvfvX3Dk81c9AtBJ1t213GEwQ1uLUUaIG89l6AYJ2Wkj2uNfVGCwxwTRDQBsrArhFW8Pj01ysSJ2CNoRfkXBVTm9Pial9PJP3e9xBAoODkLEQfeeWxCQv58UacWnew6HXTf3iMDczH4zfAfGbYMhpVnR/iqkCWemWIq4XpdpjJLRSvpLM0Xi7VsHYDZo3K/bA4aXh9IiT3bOsFU2dM9tV9GR3WodwungbM00tTyQv0ADn2OOTSYD8B1pBzjLQDKn3sXHVyolPkGZIU4T9eB47200nCyaI0BXWGtzhEF9O9lPGg8H9AT6q1oW32s9UCzC4+VVUjXVGv2FY/QIZBkAtFnT4NC2P7sY0EpDuUNfWSPg3gYRTuIySRxJMCQevyC09NsmWx0lOiECmcvEnHh61VkmTeorHaoCpx7Jnb2TceYTCB/6fPUo4wZm64wWxpE7VDozpBL0cqjutuQuuDGKQQ153J0Gp619hruPW74iNqhoe+Qu706DGt/ZR6tpgC/pzmR3qno6a/xXuIXgBFGLJpZJNMcbFaWCsjwB8NovBFiOlTOZpdyhSbZi3DQV+SB0L7Pjt9DnGIBhKNyR1VAxoNMcA1fBw1nH0o1/fid6l42baOWc9CFOwyn72hXw+9QAh/wFy0g+mBRpD7gfl7mqr6vuIILFmo0Zt5FA==,iv:+GaLzo3IZQUbrKH+DwoClgPxECOkhyNkKwu6jj9TFes=,tag:7Gouyh6wTV0YG+MMkC+4bQ==,type:str]' + key: 'ENC[AES256_GCM,data:PYh6RRCwUbdFOegAET7Gy3g+m9LfknB4vCq6amB6pOW4Ebp3LmSjWk3fQBWIaor9J9vhB/Irp/LRcwkPg1jdyzKMP/rmmNthdkdbst4oDcZVI2B3SHUVeJgDM4qN4hZ+xHVgSx0QFS3ynp3KA1kweMis3/VqjwGY8835mqVDjNv7g4OEcmj89HZ/cPmkryf9xEy17cs2ixV6LCfB+8LGr8OoKCYxQFetr3auqEKjAnUWaKpQe2touU2oF5iwVtxThHGTu/ytOyRF5yEjHCezt1B2U3DQ3Vy6nt7PTMA0X6QtHHdP1mOIW/DS1CokdX6LaM8ynosH4XqcQMiP/HfLJ8ymx1xL6zl+CkDGS2gTCyYTR+Nq3jwwhac9G2Pa22IpeMipCKqVFGzbs/bHUzUAfj3Arje1ugCLdarZDVjE2qk9UYLqQ8Sw5eq8jEE1Jqh0GyAS/8VIWsl4+0zggSNYmDmeC9lMKPM/ltMxQg04k/gTKyHKqaeoqs8z1Y26taojGUEHFFJhUcO92JZiKlYbpE4lrm60fuLIl6uxB+mSKJkLdFyCON6QhA7rorKM5CZQb2xrU8mi+NY0O1h1MwXsTIsiXLZcDGzsTJKw8mhnRJGWLpqnJ05Y1/DgvtV9EhuaR6pORsovjP5UDH/qiO1n5gMPBes3ikvQkK8C0CcAH7XoVreVe+deEP/1yHnL5SAMP9Rq0xFJ0AupZDyDTDqdkCv/6ngfqcq+NMTinKEyZVyYy5bb9T6bgYoKAuUYnThttUnDIRtLlKLKHwl1VLtoVEpisd7i3WO3Ul6HhJT3gqHCbGVW9K7SFSotAumChmYnvXSVn64F3+lmyDbyUbttrkeooAZftYP7zjC31ITtltW8D321omb7cfwef/iW/bKtkoqIOnENpX0xUkg/JFpiQrTZTOwVCKj2i43whWdel2XEffD6nMSyys50UrOxd5CunDxXvWP6+/+J2g5GcI3JdbGGE/gDfT5V/9v+4P+Zb4/ayL3KaJbuQksQ5dqR4+QZogyjWrAe53I8UQI1B2YdL/ECoNc6QRaxby93Msl2Q7pShsR5tQBjLtgbeiOdIfmQ5nccfMbUPwubYUdErSZhpuquB2avWF6YNwCfk+oj73dWLPbNtALRCNY5rObhVb+T+te1MSxrZJ0tXQToLEk/5AUvrNNgYqD17ssTHuSKGhYkiqvynvIhXd0lTsPMDUV/ecGGh93PynRNhDVpVA37zl2DN+KOEmdJYOLVWgg3zEHoB02rosf0t9E4W338uOOq9wIFbQfoVfhA63vy/2B2EdpKZUOsqgNZqI+VPnllH5uaos0Bona2q9XnIApfT5oqTzqWLUrfw5EL6B/aKunFlVk5UMj2Op8RtRV7qqV1ybVV6azTb6Nf57lzdyyXFj8lmkDZnOBYWuq8ZpXdzNF+PJCKo4cob5VHATV9XqatEfOcMcDyvauh3Xtn6wGlbiD8K1XcrBgPoKxHNY4BjYX+gBgwSu+RqRUVCzw7wMxj8MLg5yGFr1wIfN3fOIpHXNKRBlcaUBujKLXqvsn3CzNokYYXX7Zp9oH5nGlzc+UP9PHGkt2WGDggAfqQ4wcoKk9MpxKEpGYWdblgh13ySZToA2k0a1xHOZZykDTSrxQtxSqC1ht0i0Oa9M5KxQMd2GVfcQyqV/3gZGGJ67sE4pQXfO4fmRX2Y+fcNqhLwYtcoILV0pAiy96y35sTLTTaokMvbcYHbPzLsJ4oqR37c6GYzWERL+Yf2TETpzCQSJpqmOuD+yXbOLW17wpWrIf3wfo/j4dD3las5fBXN8mPcd3a25dR+7sbef9dNMsOqsTkgNGstW7nSp/tymk4HMiVlH1QFGZthfg3I+APuP+Jqnbvyk1E0Eo39xwIXiMRKTqjT4hap5WPd1gfhIBe+Jg0+VZH/IoHkNbvVxqoFHvYStTrEe/kWo5Un2yBrGw6OlE4MNJPgBPS4F7Q+xFZod6XxcOYdvwGlNiYvlb1NRmRMx0Qlt1A7aISW09cverACiR4g108Z52KTqKOzAP5utO1iEC4je3XfEOdyQ84P1NjSxHaf8AIUjYX+oUDgFxsySbdmQzkKIqg4gyw+nVrdARYpPo0FvGVSckKF5o3M83j4P3jWaxcVj0qB/63zgdAgPum7COi8xLBViCXUsXYEczrvZCbCGTv2syGiHwLbYfH2UrIqyoSkkZ6rzZZwD+BqM1pWMP0MNEwca8DIVQFPcItRIt2vDktVmOJe3UJ+7lk+27Q1bC0DbT5PrEykXsmo8H7ctO75R0UEuQDmjuTPiPcTmxhNIi63fu/eW14SmI5m5neAJ6RSfnutCo9ia17A4K8epuZQaoerJgDTfm43uNlDPlPgK3oYHWJE353TlfA/Fkum7g2VhMJ8ceV2lswRjN6hVK1+l5ez+tXRkkjxanIfSBRZxW/6ooM5en2zyzFqV2VBEawZEXG91mQt0aQQFM9Ukg1I6xVsmluNyFGl4Z0YUmm4nhjmCBjx2h2Qe94QI2qBLbrQrmJMiXaqFHZM2hdTFrx/wazywS+eIazb2UbaGsLa8G78nPkYJck8j5pKbUy4MNYZz83iu4pXoaMXDNfQDzaXnceAbOTkeYNyLY0Hrr8h55NFFHY/JLEgJrhdnVt2nSdPxTrNDUQCNUtWud4mVSPMSqZGNXN6ZNHJkt867H/aFGc/treT4xe7cUaykReH2eRSLC06wM2QLyMD6WlZw18QMBRE2n2PfnfaL52YNYHyuIvNzf3HNlW7G8VOOcKOSAanTfJvQph9gAoh1N95xib6u9c+LhPAY59N0oGBCH80bmKYAnbbEgn+1Vle3x9UwGnkeTDR5yo+MWJVtqoLoKggPug1G8/+sUTgFw1gYpAx1a3KM+CHshswMwC8T4fE7cC0J9HuXfeIKm/oIfoY5+gVb3pGdvlXI3C0tXlpr1Iu8a5O07ugH7j+4rzd1o8Qb+0duVEEehKNWNSZA==,iv:JYJ5gIun3lEN156HbX36zhtDMOjUgPBWeGqRBsu/8Kc=,tag:Sopg+BPB6Q3BIlz3doAx9w==,type:str]' +ephemeralKubeconfig: + certificate-authority-data: 'ENC[AES256_GCM,data:fkJrkl1wkOR0rmsEuFCK78fSwWb3P1THxN2pXoMMnNt5AfdxLyYTb2OczfdtxU6HdrCeg3myibW83P4AIZfs5idEOKYeNgh05UDYHy2kxjIqYr8wBFM/OEe8okI0+AK0Fw0TmQzv3KEm+9yWfava5uFMe6eboSGwZ/CjTUMrIihTbw3xcHJ2PY2Fjl2YqJkcERauLBrLt1UyL0r+nTVbaqJ7mtziVLssv8H96+gTo1C1OaK3LHlHYjUDnK2Zkwcao6EqCxnFQfxlX4b2CkaqwUbs24sG2ewiJ3smIXPTWeLMZB4W/GKx7H33y1rATm+Sk2LixGP0zCXQl9AmETsQfZdOaLZEmdhizwEIyQd20Utb0RSGlP/RBclwUpX08DjR+Oq01mwUVJaDUpY5cOlO6ziFnjeJXZM3mQQ/MbLFVvkUUm0rGsRkYWz2XA/SQv5H3rvEUpKvBn4+MsIL0tID8ciBKoKvajP9KLy0l+njEAzJgqqGWdgO/ZhQ1gaPzOZo/OIFKH0jrhgs6AVG7lpm5eD1kgKpkux9mo9FYOaNetdRCyUnyI+cV8Ikix7CFfkVGS4o+FTDBHnZ0D6jkqbjimv+NwFCxzUxTrHcEBW3D5IYaTP2GVFkieALMWMF3foYhAqUiLfEjyRgwdTZpdTPigD1iXIVk4QUXONTZXmgGyrKabkFh730IT7QBDlRmvrwTIaJ0WDaHbPesL8ZYsW0MDQW1u10mLLjK/3BrCzb1lltasLQWh/q5e0MMFG1s4G/3Y0u1Lrs27bK1/SrMhhUwX2gxaxp5fWYARcKRtaarbZ1TgWC1PxqhUmbsvP60iPGn91qlGpMJ5VUdci0S9FQM/I7HoO3UjhhhzMTiQUyAWOu3+0QIDw0T5UIdHFbZYmqpn0XqXI8bhP8DPsHZ+XKEJRsBktl9/zdcZ+TY1QvsbtC6JgeS/P7RZfaWG74N2h/CgLiYuWpyuVxNlaYSpIJ9PNesRP1GK3CUpCp87H/MN0XOboXH9wLMFm7O8ayWKqOeVdNJ3ziFk66LsdbpxMlqy8CWrgGtPbgpDK8HkhlC6ra1BG5wAXUMXl4C6p/+027Et+IOuYwY8tD1z2r/wWpf0HcUrrMe1nHZv1vMszSA1i9eEBu6cAR1u5mKCzjayn/QEaYeGm/ROuzDskZy/KAPgpq6g2NYHqHfTPUeO6eB3+e1UDWJ4scPSJWetAFocr4TlZCWygg9Oite8h18N/LNziVQZ3QavUdCL/gZ9FWlS9i8zr8EFHYtQ3xJTC/g7W9EZkuNPYCJi3x/uHzc4sVfHK/mfoct1Gsbnq8atH6jDWhR1gfPS65AHQbLmqU1sRyGcwmRQAa8fiIlUP1VbTnkYFpXriVyfkhF/lBOxIMwAoe8OZ5nLg9pgnB/ZacZ5rEw/M1Fb3WrNdPYxe4pG7mgW6hLSyhkPEqmek8c/ZL13psgwhrsuhO90NEf/uxVt4HrPWUNdninHqiOjSB9iXgGaGSIUdCmLNn065MeKnOyThneHor61L+WarzDIhhZ/OUSgiKKGGvXPfKRLqMSXWf40Qy691EicQDjpu+RWkDy6np7WrOWd7uYBhkoz6WgQODB5Wm+DGob7eIxw1V/xiAuF0nDi1RJc3xEkbkaOX8LrUEMUMvvGxJTdGNfO8yW07owM0PddoUGuhDeg+g7SLUlHCJUxNpwi6lti02wbAZ6XAxc2ltN9fNZ98OE1VMtSlX+4pFLmMxtb9S1N53YS7MFejreADRoNskyFK5uYuPN5+a6lcOMHnXSKZnAC5EZsl3AiuNNIS2hIo4Hx7YJFZtB5JlF9YSjFXZDnZiSwZAGvhAUHq2Yn0UVModpN3TrBzSelJYwY+aQDJ8bSuQAp6U/2HJ2FFQFX35waZMHYqPyOlXiCGeOl7dYV+IpCMdZZaPzwI4EzjZkfKpW/FZBtJ/p45IytHI7gt/XAsiWQ==,iv:KxGVXmvi0AMbUQ1YAJTpYH5dIBA6ownuLtsI0K8Riko=,tag:j3HdCtl9Ptj6UH0otSsLJA==,type:str]' + client-certificate-data: 'ENC[AES256_GCM,data:AHrZ8/PILjb11JmChZDN43f8HYcSDUgj3//H0T0Hq2dAypGWNgiNQzhuJDiEj16qUYTJZqywhV4Ft6z7kMpI3wx5GcKPnYHr1RQkiufORR9QAvD6DImK9/dyxF44htGkbv/8x7Xi/Fg61oDSXa81UmlHhXHeoCvHRaiAhtPtCmMPuFraCCWVzzxbqIjgaGWTaHQtp17ClgANPyt4eQq+hzk4fMCYKSCoqZcCqnklKiYaZI8lp/feT9MW4eRNJG6nrhGhEF8+DklOmf3uzdKIuq8kyBeHBD5gJ8mwj7N/oFHoWG9XAPojjs7ddU2QbNgRWroGcJEdHWNt3bsqEDkRc3CMEwMbACEIT1f9bGsnVwFVS6TDtJcNoKcp9rSyohNkcoeM2Fp5aweMkvof7+773rHXO7XjSKFhb/EcvES0kBNTVwAGAJ42a1gWgA3aXGllXr8jiFMehPIP/krgb5rqDiRxRY9BDQR74x6EV7la7zOtJTOSVBRe/CWhbqg7H9SJN08WY+4wcZ95+Bbi5pup0J3ZY8HUU5poFC27YLNkpVBLKe/95LKAtU6jEuYiPuOICVGlXZFIA8NHhFavenbsGxULRM+apKLFUIna1Q/w912kK7nWYdAMDJqgoseJz7TeARHDXUagWuwTPJLw9eKi/c0eS1cQ/d/Wxl3hc5v5M7YhxJ2jU4j0weo9hbuq3F3nHZ6eAB7xUZlP02MAuM65NpU0+c88KC9x9p5rt64+h5dssrdgo5IL2MvDAuwHztxMv5TMAp9ZaHfR9NrKYoBl2sSwtDw1Tq7QS9uoD9jbuIMGi3MON7FQ0joD7NrdATeBY2eJERXHrVfCZ1Ft3vpooiyYed/FKSlp+CzPDtYnLCfDThv/dMw9xSoKPbuigGxzkdvFfrLhkelbwKH6j/5xd1xKIzvzmRvGi2LDWHG6qpJASLrNBvoG2NdpEpIgewwDyUEk+eA/BZR8k26S1QuIyWkKn8jK8O+0I4Ff1/9Fjv6RBw0l1e6Na/3fT2I9znpGoIwGXBSI2HMzwPwj/VjOjM5pUfI1rza3FfskiN6to5hCVzZxTqKol8FkfSj67MAC1yW98ryM4RSvAHctbNqZal1Q39drgk/p3/HqTyTYWtTjNrSfsNg1wn1Qz/MBnebVHt3I/C8bUsJ/jQ4Y2/6AfOnQP9teO8LGw+C1FDj5+9hmmV+aRL9zA1CZOrSonBiUZvJRsh5tm7ZSppZ/dLh+barslw28go1NPqFNSBXdEqQgxMCTkVL0R7M/0W9HUbM3IVDX58TKijasJ22K8VfOYPR4C8plcAKosBCdpL5W1qoCpFpeo23aOR26LCuPHi2n4A5OxqeXHpdzSD0PQG3nhJQUX6PBY4wHDwx9q/fyrhcLl+uC9ezib41iRV4wRUpn/6exnvRCmrGpzuY6A5H4uWHSp841gSO+EANPtCaSVYb+8Xar4QV+cE2QrzzGIcJETgpjyDZGkw06vbU0jI01GvQISJBmLkeaUZvFFnaiwlBPpclSRyODGdGqWmVZz4uGJG+CB0WlZLIM992nN2Lv/LiiB2RdLswRGhD6mBSdpDpaEth2oZRXdgbfPOk5d6Aqqj2r+2TQMAZzyj6yNCLmjkQkl0eAdSOQMK0tvuZ1b0ft+jnW6qr9BWR/cXVoxv0W1mBxA9EvNRphXefNr7obAx9PrAjyB9mmr4v+sWxrVQk4wgmrEERzhXip1DwuyTSZFcfm4HtA5skq/QcVRrUraKOJfDU7oFq/ZMYPpbgFqQrFbjG32xdoj+JPlCIg2aqYX1uJwgrLxcZutTUpGllDBDxbiVbd2y0eoAvw858a5rXjiaay9llk447IofumD19ndpWjc5/DrJcWKvfGV/f05YTCrISAMBBcEQKpoP2NmKh47eV64l0zpWAMevuWET81jWgFE0AbpbiRGK5zO6J4eoYyqKvmGwSM/c55RvOyBPYJDwaSuJsE7Ydb8aboiYF5,iv:l0za+exweqGI4ND3zfdLELyAy9fUsf6GAxgc552p64o=,tag:sUdZIebwysPNteocS618lQ==,type:str]' + client-key-data: 'ENC[AES256_GCM,data:WeJY1lARUlPKfAixbJEFrf2ef75yr7zto2L3/rXmDXAPlFjqy3jwRbPPIQd26VAEUIYd6C9BxdJoq7yzlF394GSjiHWjcGnR8B3ELwvxVtxdyWEqHs4TC+LwyG3/5bv7ZMIo51USFn8W4UGNEJ8lCX8istzuDa4JCI+LbxlTdr9iuMaXDtRhqBgR/8aabQtCb4J3udAbhmUlNoXiLPDdlsntD/ZxTmJuoevPGZnfaPCcb1kTczP//kmGutlu74Z39FwyUwCo2k8OnXnioqxViUgRZ+b+DgnqZKmCTMNgEy7a4QnmGbjWQqXCNGI0u3OcZ5VWvp4BYydrx9K6VfHbu/ZqHQ0GGKpq2va0nLlQ3AneqQMPOqWiihA1tNkIkXYwjwmVT+ny8MLPpSYa7gc540iTh42UuU17iX+N8f0HlqSv5VqjRBUi5osXCKZKt9nzh6CKEySNpwU3SsWbI4zTIQ2HygK2r5F5H9VSATZEi4rjW/QIgKHIN7AQNGi04M3hiJKD+67sTpr84s2x79cPtskdO4XFH0byzzC1Rk/0MHDhaYvgzq/SG6dYN+dPctW5IRGJwyc+J1eFLHNYBfRnQEM9OG9YftlxXAL/ieR+3fJ8UEwxLJeQWZQxhe4gp46h36z9jf/nnVBm7A9+m30wkOAe3pyvHt91ZJiHTJHIHuK9+C5QM0VGEGw8ElPnYR4SzwkD4YzYZpAMguEpY2hTZPzWrW8hc/6LXYzAJovrODq4ZjNKkFEJAWQfM7NC6VyS/NVbhUIK/tCmCN008RDFN5Fq5IdRigd8tFP4LfUQmxVxkc27Ynd3XQXYWrNyAe7JMUCWidVdQW99gjiWaI+K7oSEntlXl7XWMdaChdG2wlIQC0T5oQPgGJ2e2HamcyNzS17etx5TZ1/dE5GH29V8GSAJbP4Kz7xRrzil+c/DLDeGHRAA36VJV4LMcJOZzkfqC/m8exILOLWkpqz98sxBhpPmgV41yZ81bMzr6OfHbYQ+wjDzLPwQ/hvVKmbhxVX1SkhewYWbDT2ada4rVnyLO84oZ+dYBRQ4IGt+qjkyqn4lvduipUpFcynu5SRQ36axoYxF5j2SNa39SqA4i+QcftFrjUlcs1c9k+I5sDqvCqkFMukVmTv6fP2bJPY+js9Ixc44ULMbTdb6LFXCKpigNFyr1Kyu0viF2/9Y5Av+lDgXOi5obApLemcVrs/Pr3u6GvcT6TWiYgtv6Sq/x83+m3X86cPRJZjM8v3utLrVWPbUe++Uc6wkKaBcSsKxaUnLR+n/GB9ZIyjzgmogAQ77ygj5AOWzxCidU9wiP8tvV+1BS4P/LSPFdSJ8khGORr4drvDvlD0hHwEpMFZQz5TyZCXkrazOPu0Lk6I5LENXHuwfu29dkjm0s7PTnPxlOC2UXTf42V2rsxVpAwp7+AuwVJVJrinBlQd7aWHXISWFbisgyEn3FEvIVDqMIjLeTtcmGeIwSuVwCpNt8OYmbcUCdRN586Re9ph8BPFL5Bbffw/O+4J6fiewEeRImgXfj716c6a1KjrhfgnLQZ+wE2gyFoUcu8YvVdu0L4YCIT+hhTDAr0LU/doS0bYj/KDpkzyyw392KTS3ZgHl9pU8WKcL3x6Ik/0qbacvCbxPLvfwWRfUA3seOqPWlMvP2i6u8poAdy+l0ij4XYtqvQEWoYBERrM0+5EsyfJmJtOZYoadTtsJV20s+j62oi0WKqys9fVlI8bzq/ygY+GuoJud7AWwbst21xiNLA2JmSAYNlaC7d5WKWZvnEbbWR2zrtIWq3aaXJFgq4Z6Xbb6V5HIpuJHNpK0r1YK4mWdY2KKFAcedawwmWAImQTJWXAzgYboQdyU5ccVCsBOSGCEZHSRkCXZN/ZGiOYr+ldqYdU2ngtUa9YB4jnbAa/Jz9C+EY4B8OYrm/VgoHOKz86gAteYD6eCCgeXSkjSX4Ju/7LFkjJsQnaRBTXVg7Cat+EwVwWswJ5cHpCBXUkSczKWwF3fj2OC9qHXjdAxADH56S7bG3wxnIMVNhqxT/7V0Y1nweZy3gYToC8pUHE+zxnhCpAR06iSC8wnkjLaqpCVlKtPYhRJTLPk1rWHENQS1AwIVJ0dLmGCqgJCv1aSnX8ykRiM0kaC4lYlK4BZMfe4RATt5UI6pKjv4lwyMVsdykQdOWcJSowADRSiLT4bui/4SBPTdpLTtN6SYpdUJ9UcoZhg6aK+KNEfqgcXTq3uiGGILX6yzXjbcHpDyFxn4skwGTqBoN/2fnfGdiWvP4RdZEtWELphPN4ZboGo8iQT/ztsni0ZeTykuWT5q5wQUncQCrAeaDvTco3bN/szi0Zngs4sIPY87WiXAhz5GzA44y2UMVZhWtAkXD3Y+7WgtDs229/r49MSmUElTC4/oxg9wSxpN1QtvWKdzdOWZdmQxHFMKM21ys0yezwo5fnsH+6XifL+MBaYwuiJf5B6Mvh83M89z19jmD4xfJd2o1MhaC0K1RMnarSYH4Y26q/2gnnN+Os8Jaag1wZhKl82M51BjPZribLj7yRlwJOKon7p+NLkYML51eObXv7Y8S5HIWNmaZD8CfOC2gEngVl5bog52wpF8xko3JtdOahizovd5G9HhG8IBs37rwzOoVh8J3wY1XGXFXie7lvqwT0NgCkFFwwD2K+GuEqImrV9iW9I8OOYXh78n4FDw2DmLQCW9cCMmFypkLlLxmQ/5JOJsGsaF/wklSZ0oMsS/wC+GW1AwNAO/e4iimNfxH2gD7Z3lTD874JFVhC5gfHgEv3M6NCEuoArJh8Gw2h38EpqlNcgAdnF7fr4CcLM6VFGOw2+D1jJXGQ2RUgZnhyPZSFRN53AQROcfuvBEzIXUKiW82eh3b3/FtcxTUbno7O9xkV0S0kPPYBg4BKK2Kmy5cmFLS03JKA5KvcSOHT7QpVG9oVXDQtbk/qGQZ5osd2Dr/pR5lmjnqHMbc+530vx4vgWjKzfutTYTg==,iv:QfiqUy0j3UUyhgyBZrTxdZV1MHb8+fugIanpWDOrzX8=,tag:y7lmjUQD6mBOTcEZBL/iyw==,type:str]' +isoImage: + passwords: + deployer: 'ENC[AES256_GCM,data:f8HvwuwgSQZ+FxleRdE=,iv:w/nOspDYaQJYUrxDaatZqfwzJz/MtosLLOw3BAi5kps=,tag:7ZxUsFiUsX4r9nx6Rf5LCQ==,type:str]' + root: 'ENC[AES256_GCM,data:llk5QE87o2EwzNTEfOA=,iv:xAnpHVc2rv2Trex1YzCmh0VEKDC88X9pWdFoOfZeofs=,tag:/Z6/tjBZuZMd0xgn25qrlg==,type:str]' +kind: VariableCatalogue +metadata: + labels: + airshipit.org/deploy-k8s: 'false' + name: generated-secrets +targetClusterCa: + tls.crt: 'ENC[AES256_GCM,data:dHn0PTHUtSPdvuojub16FQDoB+l2ulLdo+GlPKwRkjhZMigNu4V3QRSSFKM5cnda9SJbk8s++RuZKuq0r+95mqqsCCg5ygQK2dh8yimyEmax7bxXtv2iL3SwVFf4CUa+lmyV/rwHkagjQqOZAmgVlOE+lXmpa76DrX7U/KlQIokyYrt5juxNcrjq563j70obPuyapFHneEoylwdM2NXwBVO6fzX8oz9DOB1deBxsiCkoBfQRUbiH4V6r8Oc1XvGOGhCHMEIueFXy/f3IzzD3HREH6a54l6Q6E/OmK27zsqYPYoA5L9NG4k7FZLjZu9UsIMKk6V8YN8oUYUX6AYnlyiaRobBqVoLf4j+dHibgPkQC80iK5fMq1Ob/4uIxW/cm/iQwtn/tHhha36Ly9BVkLUMirk0jgcZIg2o/fpYohaIlcA86ufhpr/p0mNe2dinreoTWcZGSmTwNwGdZrUbYBMJnH+nNoj1tTZVOd/L6skHCvL7/l3WJHflaw+S3hr+WAEjz5vJoxgkU3V7myz3rLTfMA9Vl+0kxqcrLvuZQl8AFwtuZm84AZw74ruheFqvGs1z/dyoA1hkeUa0MJdg2iOot7rt+Y6ZWwAIgpPEAaSyWuviI67N/dhpkM9BNutALjwJnHN9uZS30YzZXCFpK1XM7K68nvuHVKb7JM6SIzMT5DahTqXfJ101gmMIMsbqBD9p8ftQTwYZSMWmjdojRlC25AtaD0UHv9G3SXZQyhgU8ZFmFI7n+gtwihlozOcAo51WvDRKxbzwf4wrY2VPORgZa6L55FF8mO1NrDrCWTbwDI33Me0i+tqYn36cOj+NF7je6Reu9DpSiECH3+a2tJsD2UGxuL37dutxk/PtXuG7N6TfGj4T9lVCbfaLF06i3oNrcNSUKF1pbMmOM3e50FOZM9gycfNWm+ONJk9frzTT6lha+rDEvsGld/6+gHVMWct7Z0xDgjohlEjs9YjF3gjQB+LF9I5ndRRbPXXM1RFqqSdkz1celXD6ZOGGY/jtTELYTXrnn14gYHhxa4NFQ8FSulf47DpeltBrUedugwuXfChmn+Ty1/5Y1Owm8fB+xjxGy+8FH6HonEzJBOVQCFnijjJ4TRCUIztFsMIMM1CdVlr3/ivxezW6oFyuqRpq3p9Z1MXZEXrfMk7vI0pSWfHl4gOCXTd1dDLSGFfpdqjxe2mL9FhDvUsXRURDnWPxAnYQX3D8NIuoykIaUyH0T+AVfLH+H2lGssQ3AWogHSVz5WNYKZze2YcWlGuGWogTLhaRXz131Staqqb7QHRId2pWsnoZCWNcWg9wGVMRj9RC5IGMmXNKEIMZEV4YPsFPh8yYv0iuqOi3ZGcWCZZIB7LiqkOkI1AoZaIL6zuWC+WOahsvLnqKTMDyl7jTZle6sQS8AiDaM4bZ8GCveLFB5dN1uwDD8HA7rmwHi6j6udN6Zki+NYj4ut2Ci3cfpWFgMqzTwn7M7cooq6a0TYicwgNnftKtY9trr9KUI+s6yN73bXxK/ASfwABvUGbV2pLZ0zMjiAk0P/M9n11VvleeniRMsziYlV2ccRLYC3KLdZdhtvNnCn791X2p1E5kQhMcziGDA4MeaoKY7VuqW3PRSKC/bze9UWrwYMYmnktXNeY4uWurP1cMCGOuJ1N0IcKHnwmvZHKB0ZAxlZZTl9SlZ7ktzcLlaYUFTIYdp6RqoT7vqnDCJLi/POYpKq9CHSCuuqJu4vnZfW8fwi/CBZQt/VR/jR7spVk42UYjvWy7G7DYy4hsaNZBQM+RS/59vgOVBwdvKZRiNPQUMAGvDXYMbp1slU+xHIYhp+jyBflt9RHuaKAe6eFyDEyLz87ccvqBFCDSFbKb5VSW3gTTfV+YU/L0kkR3ZSLghg0QQRwjXJPpacmP6Yp4DmJYsJpF3Hi6gUD0EwRBTPhGkIgM3FjZYTE9BVBA/Q+NNmH7MlA==,iv:6j/U4n0YatBxXxf+gUi6EzXbJU45jc9KZkWOtN0QT60=,tag:iPR3lKvc2h7hpOr39zcI0A==,type:str]' + tls.key: 'ENC[AES256_GCM,data:nL5+ONfbkauHH6DH5ViV42F6u8Cvl4bjiTEgUOmbU1a/nyvUUnLCJlaPesr1iPlj+VSlAEjj2FSTy+yi/4QHhdpql94dPCH0xLQFIZKqMegHXuT/+ID97upY0Zcnpa7vRYXbM1ev5dIN+0TkMAaVuCbXvMHG0i85kNKj1FsuLBgvTMfs1IzSXm3WsVIsUJHkGZMPSjF+SvfQ8hcnEiduLbkeEtBoOzLSk4EOgPbrruv550DR3sYb84kpRdf8gUpGzRq1Qkr6ELrnG1f5osMBUOwA1k/AiA2LCtEUPJJPb75V/AMrPQxQke0C7c2m/efk4OdJDpcnlqVXsYQpk3MX9qz99sYS0BiCZ/7cy4o6IwSX4lU2iPQV42JVb4oAkAleCja30OhO9cIAiW3QMBoYhSxD+sFHnW1HiJdsNhNBupNk/d8Vkv2VQg8+Rz4dgupd8b/VsD4nALaYS84JK1IsWClbd0y740LUOa4S/XSa0gLl1njocw4bg98XGBjiEEG9CB6jBOgS5LCL8hYdE7a9FX8iCRwDI67MU0ah7vx9hWYoal1Ke/xLWQI/D0aU0Zg4RXiykOY/HfLxzpD56CrUq2GMNw/iWzDXoCCM140G5l0vDBINYAbWtpYqRQM8aQM8yh9wTgA4PJsSDLOZCYi66GptfPXQXjREyTRyqVOx8AoA95Qp4ggVcGDz9uRYYgZknxc6gxcsPoKXcY4JcwwK9zp3dsxYN2GGVDgHstzVGRiWrm9vn5Y1Jy+x0ndvjC3HegEGju7OpkOsVYMl/u8mNCzi33efGHkA6DqCXA+n0DF8slHEeb7SngQsP3L2UbfMPOPSMyFFXYbWe5h7YP1DvPhsrTEAcvxIbOl/aagh9GJgLpq1pWFgYBL+4Lko67gjZnZCd+WTw3/R1W9jnuS7AQ+x0Lzxil6+fGIt+tYQ4QZChw7rghqoGus6UzcATe6BiSwHG5Ltj799iqsuLUckFFATayWSHYfDs5CsNokNqQRTm9Ko2YXEigLb1J230WgoWBgaeASL18vZ0b9Ziy2rWNC8ZHBis1mYKZvSlKhy5jgXBWSDYFjI9DPGp6hWbEefYd1KpgVN1g7aHkv7dZibKlEM8OkxB/jdncAruO+I8ROSFfj8iWVFjPuekLNqrMfubHJbXgUWOsp+BzQwgtsqpjVHFK55u0bJNZ/v2G+whzQA+VnU8RS5SVCV0ZpzJIsG06lBbhUGdP4RIJjhRwy8LI5fjwNshExsZPC4FcCV3n8bBb/8aqJIl7TQ92trz4QWSo8Yo/6rdKCIX3/zADHHfjgPjOwLw1Qy3QrMc4kxHcEk8b9fgHf9+Z4H7k2ttdco2W9Jh2utNk5Qq+Zms3XTl0Cw4gIaZIndg4Qr6ZBCy9kzLva8DYQgJLNqgrh67CZ2SRGnytkpNYQl4KgCzbAGdKyZlGisUXaqTMwFxGEMb9P8HKgRUo8t8mB0OySg+2a7UIL4EcQLQLeCMyLgCtB0Mi06bHdh9Mo4AGCFGwC3ocXbn81DdpzMKQDzKlqxTFwYPKn/PP15TGAhQaP/29ECAFiXTrouvl2wmGnpiSsFKWN1391UzO21eBmxwCMf970M5uDMeOak1gaqxJsW/ck6BnjmUHSwZv5r/pTBh5aDjDiylKC7+sH0/Xe1upTcb56Wks7rj8hf6Vf9l5kn9lZZsE47PeHP3JZgosXyKpNdMmKsD/kKvMZ2X47KWfRZoMNEY45rwnnYGErKAGqooGnonP21eXXiXDgTHt0ykGP0A/ecDMLFYVWedLKVb3pUi/R907GgMPBThwU7EZNZgnGLzqTtRe/hCZvJt3DHBbHZPRz/Qy5RC4zZftj1HQ+B9BXhymPembqSv/DE7AwvFHjP2W9ZFsPwE55AnldTcRGfTmKIz/Z39qf1u0HP1hV3Z43TPDaE1HO5amNQir8c9BdKocyLT9TgErX6EnqEiGB7lGwbHDz52VSHxQAswU/uHBRSZ3VaZ5WOpQY1Wq6PqZbvVxKXASE3zMoik9SmICfgSeY/HJZS2fHk5rjm7uKYgEL2Zkg1/hxXIQJs7slc7znhM8tdKZoAa5Do753cidM6PmbNwD+DmBwT5nZVp3KA5ffaMUW3YkzaeqBgkBxnUamhIwgx0E7kyuvzJxENm4XITI74wNVmFYSJW5CfI5zPKf9yWxOHDFFH6v3hdoLOC47f0DUZQEdGXmVyRQcWEbfgmiZ51qfdi88A3CuUDmR5VXAVpA7+7wZkydSVNWfViOCAiKEWRutMCtxktWTTNBCLOoaC/jEOjbuD2jPA9SzSwvPnZeT9Q3osuf+VxiwzGIIND4PpMHrG2BYT3SojLeIzOpUFnYYRbV0jdU3qAglJljJ87r102UfynejnJpyElPPh13mZNkHUW7dmWQATqxux1bX92ZfbSSMaJPMulK9F/DkZUcV40/LAchfpPTJ0o72pTvVi30o5VCOv5XBH0A5+clQ6hs2nLY3vd5TF+EsgFynRUoqPuP5+WSUO/zVOlpw/wd14wHmaud4c2Z9q6bDJeJmJgUSmI9LjlK06FSqnx9AEHLV7LZA0s4JEoBoRSP0zOYcZ6KeJGbS/kDR53s8XMq0bt+thCv9AtR7L9dogyhC4nDFdqcjLTgx7A6cQ8sh8wmwhWEvBEZ8pT0cgY5x1RYM5ae3SQSK8a2NpXg/X7o0pECxe+YIYtt+Go4M+6PS3JZnqxL5bHUcAo1M73BNku0in724EwA+sosvblLnutDUBvP4naOHC/RN9c8QgkLCHIy1y5+NLWEanx4yTvbCZkZbhqLSCsX6Aoew4eF5ep6Y2BNiAo4cXtX4FQvgzBqFFu9Dgwp4iPs0cy9S9w3bL9ELWmukwH3DhjpByNQ8UEfR5UFsb9lRmjtBdAGVkdaJAQxah1WWitdqRZjAaAo6y6sRFLM8FcXqSuCjKXTs6VHWiLLhSLCWAFFRzMNpGqnunOBhk4uYpn1/XSVF5UA==,iv:HFOdMUDdmYFat6lW7YDJeCvBSn4HlxEBHyBQ4pYi2cs=,tag:w/Mf8KeiAUjky7zcR0E2mA==,type:str]' +targetKubeconfig: + certificate-authority-data: 'ENC[AES256_GCM,data:pS6RXSBAeCT5kKyphp3sP+R8ps+CXvzEk8uSmW4vzuehcWioa/a7f7tfjBJWJq9QwG5tS63j/ijHdNcFne8aco6tqQSShqsH6uW7t8CrodB7+2cbRsoZ0Nr2u4Dl8Xddp/YHsCQ5NUHmjzYEADUn2Rg2vYZS8xVxB3iwHqRSVkWCCJRxYJiAhmXyy0xaYX5od11Yucqu7Fv3PUPP/BVZpxVUmk5pLRueZi1Dhg7vlVy9IdV26NwCPCyvRVPldjWfWptWnRAEWusn7efVgpIZpOg7vC+MEuvgIDBVqo5kyuKEHBOgzdhkEj9X4tUyLxG6qxYJDiEbpqPZk75yr88UHIqt2jDjd4M59AEqqPMCPWlOYrlueSyUFRC3z7r3bZPWJKBEB/ln+g4MeC2DbkZ8uyw9M/vEMzFkPUm4OXJXdU1phieRfRuAqxNLktDDRsfSiZfqG/DXa2cYBGa3E+0AHhmhGf6XeSOesIW2bsTdS75Bq9k00N9HbMSUG3IfBilajlZ6cTdwqvQNsVU7R/lKhfIKT1RJdx88Kb8SDgJp9vEcqsDyMx+TzL1LGkXcUYo3Pe1dR2mQ15l2vTOaWBtitLzM8d0AEtfaVfl9LCcDn4uFwFQ1P1jYHB75ULSK3Ft1VT1GfLoT9+vogr8Tzrz7p3q+glHHrBthuWPPga8zcEON8rYk99B5EFAEf+SnPQwDMnQ49aE8W40pyYeEgJBy1x9/I4EhZIfsIGjz45VX6iiGl4QV607ced/mZ0f2fzNlWorxxTSeXhIijyu42V9vvM7tz9Xl94FevpWbNH96SIVLQ9Bdl/fR1ZH2osZFmv6g5rwqY40FOVOR0KF0fWgBF95qUPsfSXQ0jVMlitv2tn5ijdYigJORccQxluFIRv9MdRqKG5GLrhG+OP06Tvl9agvArgHBiraTyKySMv0oq0+holFoGLUpOsCg3KenOeRbUvadkDRYx852H/s6nU9vjbYn5zSUVLcpZG1UWQakVcIWqjkQWvDtqv5td8gzSRJ8RkqwuXT0LIO79JcrG4LO38+8Lr65whuiRAC/W74F2IcPuPS0GbpWVyovzkhG6NutuJ/3hh8NHF9s1wm3e/X3SCsZKJEbKTH+46gc3T+Oeqpwc7vn46wsyIn8ix45kEJlf359eTQALYjkY2qIZSf7qwdvlN6W1n5xnPDgoYLzY4ZIRwiQruiTebSDvPwcbl0q8rkYDLLA5yv30RKvBLlyMyfWiBc8zFUemygHIRR3LZ7bDEml4Ki4grpJmArDegczeKNgoVJfB2D+QxTHOLpgKVLugxUkBnFFonFynAgnrS7ANCN2V8iUV+DRBsbL3etwSozVFs3IWYxlmqrfCFQzL/Tw+e+9RbYdCO6+5zIZJH66ThJYXewGnjIQmIjXQWXQFQ6DeqHVUM9I5etmFmrePj2vCDYPVOJ1xBNzePhKKy/HxSyb89ljiybMOafrPsMNXZTqAU8csii21Yfbjly13oBavQtzms/KtQk4pmoRRsXsMmMPX9GZqpRf9QpLkJQFMnQPeno9aGNf/5Q2DwlfWxJaopAR98CLJFKnx70pDS4DKeUUXFC/jAxm+Z1FNJqAtGRARxFnzZcYIzoMaeZ6z+crD7o/ALukrnIqWtFDJh/CCGJ6kbPup9142TxCK0DbQTobPJoIx0dBw4s14Wau7p96gRSFXni32FnBKE8CfpQED9qZ2y6U2MKb+7qaI91PRs6LbGJswmum9n4bPKcOiL60+n6PRd8gSJPpJ20M8OYRZuu7znUwzLf+G6jumLG1Aqwvm3/eWU8o4ouA/MkatrisR32Hg/Og2dw/L6W3a3shqh9PLg7GcwhmhY87dFAvfwiEYYx2wG7Oowm+IOiNOnNUaL6Ax3xWpje8Czp/FCHXI1z8E/ZHHcuEkAHPZaid1x0sEE9n0s7GeaI+D9FLPWKQ2sdbaDZgm9UG/w==,iv:03fiX+pQv3sINBBiMVG0jlszcRzBuik0+YLVs5WrQM8=,tag:/n/xc2EHUDbcOuAxZhPV1Q==,type:str]' + client-certificate-data: 'ENC[AES256_GCM,data:lmhhxijI7HD/SZRVrQMYo8Ngo4V0DCXDOSxn63cVePeSf8j9QbBJiwnxeZvPx+BMuzu/bv3QtsE5rUo2yuq2HZv8Ju+z5IQPrv0wSYYq9WOpi2SDRnN9Mn0c99TlkxxyJ/rUJsr2i2PlVhuVnKPwNqg/IXp/SMJp2FFiws2eIs0CglClzns/IgzXTJXlrAbVZHhD3YPs8+1I1Kr8cDRTqV6eyzWQpc6evzcDN8AK78I8uFNrLJjCbgh7CnSsnjxYngeF6B/bAqAdyTBxMjeU+GIDIHYmNKn9UlIdeqYC1rZx4Q359gH5mtFuGONDxhml7ideeNry7yPp6PuNHi7Cz33gyFzY+uiKZAkuCS2hucIfSIUOPLYlp0wcfYAxVCAwUUuvan5gE3d1SRk5BjMlseA7UMIpPX5lyB+9tek+9AAYyy7TczCbXWWM7GFYdwTYAqWwGx10fjblwvIwpK++MsdNQZMCHvTUbq83uSyCSb3T7hR6YG/qGnWcwUmJYj4iqT86Atr9rC3CSFwW/0GhvJmlMqMyhPB+VPlYWxqqASIcm8mqLFG6aCeODRvH20kzcsM9FVzO87xJafkOEJBfWUyn6m1GN9V/5z4Y2y/4VjgpksoVT1sV7jimtECjXIp+NCNyNKFc9w7YzSZW9FuvBJgMqzqWxJzupiDP1WiHpa5FMCcL2+k/jBPEqjL0nInWdNAyIc2dtnVsV3wBfhNAd68sDA3ele1HRBPE3OsGDxM/a5mzUu2HFVXdw7+ptq7Gv7qxUxWFP2zw+3cHDIM2Vkg/mPP7p5NMME4DnUb1eyV918db7N4TNJMm8tU/dYfozXYMjq/GpH/ubCaFg7pGB0qLCtkgVuunakY3ARYlfsi2i21gJg1KnHxWJDGqmC1ICjhdWybBA5xo1jBL5nhxT/cxTIRSeFEAYDaN7QTSQjwSrAQNysyUe+gSq8KyrkFMZponlIE9FE3CVhYqqbd2TXOvi9a620Y+Oke0BJb0IUNuaMOfveLTp8SmmAtaxFN0mQjiD1XIAa2L4EYnSj0WOChNuVHrSntiGaJTIrXAA1gto8ysU3OTkAeuRvCZSm3iYiKl5Hs2mmVae/oDBoeyLDviuS1olCFxiVItrQh5VorvBQuytogQMHbMDKk25c2tn0+xYCyZgsnSMPvommIj+yBbKTT5Rbc52AX8L+I5OCQLj+8nYrSuGh0694lLCi1Txqd/YLfHJu+QwrGg00EQga5XMRToHxu0SLqo6H3BA4WnwXsdHNt0wQeQB8L6l7Mc9yC6L2Iv83fkbdOmNHxMVwYSlmEmiaapaE2BArc2eQu/Qcxy1d9/VSoscP2XKc612g2yNCaDQk+zQBcYOKlM+AYkiVwPDsPZ6SMePzIYS+U61rhdd2VX3Wdp5bfWSI9obobey6bv7ThYdrR0T9Q2SzGZTY4a45jSTLALRXf0a9onZemD0wNyQMDFZAr9g1LEIuYMP3wI3n3TaAPtbdhBXqy2qrnyyQewgr3B6b5c43pYgmtwhL0eqPWus9/ud+mlvn9mpA42/GDwdzdvbJh2U4mzZdNQAYiI0bDZ81e3BdZiGF6w5aIiCLX/vgIZF40UHKaEJ62bdT8z42Y3kQ5CDDsIQDTWJtSxKkvt/OFDqHmP9zv/9paxekUzZA9PyI46pJUt3gXebpbCIXY0t4JEWkVATbKODApohY2arCLU4uK4X7DMKHnE+N54xBXHX1cfw/vCw2xvlHnrgbqEkEgqgOuVIKIbQJtmdwFr1D5InndHMtPB8EmHXW/OgRRnzIJ/OY6YXTTVI/9f+SG4SZMkhBoCfOP1h3jUNAQWcvuuhUxt7/4JHVF83kVnmD0u/9E9ObTP/56mDcExANfQjLwsNycuyz3x1Zns54KSUSwZi6kUhc5HttypfLDB0iTZZbqHCIwQgqoAy1FzqCOILCd7h78gqgzDnXF2tqoW94klKAvOx+fFfdn62P60MTpM6Rxq3V6hdQ==,iv:XFuBTIQJT4ns6M00T3HWSGHdknjsRZ4cRZQXSsLiOkU=,tag:3flxFrWSyiuyiyxGkXTReQ==,type:str]' + client-key-data: 'ENC[AES256_GCM,data:vlksLx8mgfvfu5Lnkv5DJrEUrsnT4Huknol3zk8gbcbowbB8YmHyjTWLEJ1MsAMJ2S1Y58ztnYmo+fXEoK0QXkiLjuIz6wFLZGUFhVSRQC1zUecFZgv74qAigwFcQ+HwFmYdCynNB1BXlZHRLMXYkLm4iyAGgJZw4zq0aown/DE0CYEtRm6oid4eOf3bdW2JD2TbedgQWB0wTVdgESn3kzT6xzS3i/7xlXwTzgDNmqW6noTsE7LsaUt7XM1y5R1Mcx3hYl3YSi60KIlEe1azavTjtM79uSoJabjBQm1RtPbbkW/+furP0/jgXXEz8N0qHmvH9CCu1E2YJS67RDEY1+Wt2YvfPA/wbtuUwc/HptbwCLXDdAlfKkIVOp3TyJki9e9RIYLAkSO5ljoJbeYZlzdeo1atTMLFE95o7q/Khj2w0pdLrkzMwE870Umg8DqlsxDcaBFgzPAbdWHNzr3gGQ97Jfcqnx6hRO4019gUx020NtZWCVg3bHTJO2n5A3G4OeG8mY/CFTZ3Xw04ECGj9aWbeHKXCGnpfsw12UbGYDUkcaF5UYb/Q5Ly6j9d5kVSPIBUihTiqdos2MmWQ+QdUpPYr0eeSR+5+3R7ld2yTla09jEa/ObvEGYRR8rENR3QwVws7g8+M8Tr0JeFGGrrhx4Uefs5Vrs+hr3UfupbBjuYGFsAqbbjgh9jGl2JY9bfbbxHdB5+72PrB6Wdg1E+Z64RBUR9cSD+7E7KZRBSMfEWGQEHgjAmizbr7vo//Xb1hcbRGCZtYc9fgDq5DYpe2UtT8o7C56TSR82nA++/GlzxoJgE8OrfyOpyqdTu3nIZmOG7WLjA8D+UQXhoIUXiSIw2RaKpqBvdoST+oE6KKu1l15SXJN+vYSKtecw3mjMfEBwN+OxMUXgJHKVIM/+W/LKmdc+yYpJX1ePoPGEl+N8xF1s+lGb4Ml6GYZwN2Jn/ePd45IQedw0Aujn4Wnh3kVZ3mjRCB24wAEH+Znp0mshGBJ5AEK9b2z3oPlGw7Q1Ii+prK4mD7ssvm3XfqRvew9JIYvkrcbUx8XlG48FOeV325Uj13H+GTiVgB45rz1nJxeUlEr+u4zQaUAgIFl/4N+akADIHmV/NyOOUOdDFXx+dOch5KiMZWNk9GDf3fxC+qkATIAPn9zaZ+HMc48wGTBsMbvWkRfOCSiA74Hf181ICAxVeJYlItTAqkSKRFI1M033dyeHx4A+jRGAJFXyyKL+4DW3J8qW9C3sMdc8yv4gWO80fwL5o8TUyO4yrFu87H2wQwAeZPzvE6TPZAYdcWgzaPss8HTMfvJ8g0ufC8r21EuLQR9qlzPUxgOh1DHVe3DQ6+cOsNJKrVuaKfFt6/KAzOWN/16x7HhjxIqZdZYV2Ei0XfbQbDz91cuQ5vfsh4Q5oT15Mc/AyoNrqVfdAsA8370hBVDPe052vuPwLHwOz87oR4FfP9pl3ynUGRhl+KDjHCpYg1+TYIBVEsPNzFBtDT5v4OWQh1gvou+gqdvb2W/RyM9lyEv44t7KqGAfgMPxNt2FuGgOTWY2drveVSi6K9qxgSqzFh82CxxyUkNOwSjajnr1Ssx1UTTMt+11FeeQIsMEKnokAIJTV78w1ZF/MwXDuqUGc/faunsNi+i/zIiAaJPz/F8Aa2hza65AbuQxnQqytEpTPV/DKXB+XgHiC02N3M8mE7qlF/zD3JWBt/IMThCaNT2p+c8Bckj5ce/9ESyXsNyh70A3Iw/f1Xep0tUVrQoKMmBU0EOFFHZqyBHsjpU3/IAWV9QAG/ysR6iBzHEbRIuhP1t/0IOKmZ7FeIQYGI0bBfyP1TumgSQNMCXCiUirPZEINYV2uRZHhA9SXx0MOo9EXgFNDRrW73RAj450nOCkY5iEwS9LXtswApNQiLXsvkbZ8eP7rwsvCaMfB5QtJ09eQaRjnz1pjiB+cXcweFwKT96qGFcfHzYiQCG7KIrGNckr2w+EZWLq6ivy1l5jwngKjMFfqJ/w1aI/qumWhYMOXirYf3HvGXaSSO7SWfpTYgSA0p9m99FKyCJeImew8Ef/QZKo6Tc+9zYRKuXeSlb+mdnXnPx0QOHoICGa2Fs4/OgtWAtWPb8H1PsvBtp05DctfOgrhm8g5XwOpqrr3NmR+dSjSxQVr49lBsB3pxRkffMB71pl8vzIYzlV6RDNMkPnFFge24wL776M25hyXqArtPU/pORBDaFhuD2RFI5unI+iOlqOwNGkf2Ta2MQ0QLiD1iaPy8wCIfViPc79E3cDC4JkP+TauS5dq9OjHTQz3aUaE4pnrM1DOTUld/YDjk3rXFdxTQ80I6AdVCWZGED6JrMjf6Kgww5Ygw1Q8pznoBBKy08nFW9BNTvRozYjYMH56Zk0zxFiw7iYEfYTXLYHA8uJTduDZh45wZYUd3WoMobNi5h+VjCOBoVhFAGdz+aUVvl080dtN4dOOvBcYUhJoBALmsWn6ODyyBnxEGuY+2Gul1jkDMs40ciI3BIq4Rtx9I8JdHhRrXcPDJW8WqkuevUxZYUawE8QC6e+ZqoPNwTk77yPsHloOuxRFcKAvwymQAR828nynFKnfA1zk8AEjVTyzTq3km/QLdKTh1j9EeKH2HZHkjTrCI/sS1MLfYelwAAwhg+h2sY6o9J94GPydYV6lGMvEINjuWRi03yeoIsUVbq+YWckj7wup2mlyntgtPb8RXb/i9IFbM8gjp7vPqn8qFUALT/P0dsQ/Tx8ObFdn6KLVEJikH8f/ZjdOi/k/a0xNtyxLtvJAWX6gMkSASt/oZQ8g+WjrholxNxZKbcJvOtSbaZjJ7MvOpjwx8GLWc6lH6n5sKAvd0Yo3jd5k1te+MJybWrMbLcwPUY+uUUWkY8OkGpq3nXliy9R4cpxsMs0VJ+9Z4dF8B7vpwLS2gfPqbCKxaCAs/u1KQcUuLOGBQQ4mjLTWvbPpVDSH4wQzWvucbWS8c42yD6RsAjJ63+7ngQ==,iv:k5QGyZdIRwKnMuVqG1qzu4iyaLD1HxvryjV+m4H7N8E=,tag:GDCtPo3HUjHUQvpV7dBS1w==,type:str]' +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + lastmodified: '2021-02-04T01:31:55Z' + mac: 'ENC[AES256_GCM,data:2WFdA51KkN7/cM90p61XTPUjykAXqTYuM1mrGbh91GxRLVL0fBNGljCb5PCPY/Ir3xnP7VFQN6LtBwmLFdj+7spj4Y40srQBU4A2e8j9GzuhW14jtvy2de+2v2wG2BZVllyaWKbu4+Mzav17eK9mscawPUCefed8InxXiF3yV1c=,iv:XbAJ3aHV3kgo6MLGTYkBzWIGp199l1B5siXMiFBXlUs=,tag:Q/cz3bQ87/TwAAsikORuNQ==,type:str]' + pgp: + - created_at: '2021-02-04T01:31:55Z' + enc: | + -----BEGIN PGP MESSAGE----- + + hQEMAyUpShfNkFB/AQf8CFwdvykoBIMfsOO9bSuz8Cx+IFhJGwPPEsSId+q/EFdz + tCop9SpR86AB+4T+MtC46uH1+gcV3Ko/dlXP++49BQ0zWpzgfDxsnnuudZyNX19D + SFmlEHKBniKavLR7P3Qg8GJMpREVkjQTRgSnZdwttWXCmFGtnuhBKajautlqK7Am + 4J7iLGIiY1ynmig8JCJZ79CaSbyh8+/jmvjrx/17mR59HYUizH0P7FbPwAwDpoy1 + lFh//AJKJ65Y51ar/hYC+ljdgE91UNiF3zsSETI+Lp0r5y7XG/tKeV+tqQGUdhvn + L9m9eqrvAw05TD/o2DKZSoSeRKLcMlqNwxYko9YO9NJeAfc3RbCWltgTii49+srf + mwyCuz/BQwz5rRY6VP+QLYkDGmzEjekrJGqWZQP/BU44TihL06mv/mxY3xConG24 + Fy5Mi9UmNwsJMWBIlPEREantjbVnboiS0Q0DN0OAIw== + =+R0I + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_regex: ^(kind|apiVersion|group|metadata)$ + version: 3.6.1 diff --git a/manifests/site/test-site/target/generator/results/kustomization.yaml b/manifests/site/test-site/target/generator/results/kustomization.yaml new file mode 100644 index 000000000..1ec2d51e7 --- /dev/null +++ b/manifests/site/test-site/target/generator/results/kustomization.yaml @@ -0,0 +1,5 @@ +resources: + - generated/secrets.yaml + +transformers: + - decrypt-secrets diff --git a/manifests/site/test-site/target/initinfra/kustomization.yaml b/manifests/site/test-site/target/initinfra/kustomization.yaml index b652333d3..6d5e30e36 100644 --- a/manifests/site/test-site/target/initinfra/kustomization.yaml +++ b/manifests/site/test-site/target/initinfra/kustomization.yaml @@ -4,3 +4,5 @@ resources: - ../catalogues transformers: - ../../../../type/airship-core/target/initinfra/replacements + - ../../../../../../airshipctl/manifests/function/flux/source-controller/replacements + - ../../../../../../airshipctl/manifests/function/flux/helm-controller/replacements diff --git a/manifests/site/test-site/target/workers/hostgenerator/kustomization.yaml b/manifests/site/test-site/target/workers/hostgenerator/kustomization.yaml index a88e9926f..687f9fba4 100644 --- a/manifests/site/test-site/target/workers/hostgenerator/kustomization.yaml +++ b/manifests/site/test-site/target/workers/hostgenerator/kustomization.yaml @@ -7,4 +7,6 @@ resources: transformers: - ../../../../../../../airshipctl/manifests/function/hostgenerator-m3/replacements - - patch-delete-catalogues.yaml + - ../../../../../../../airshipctl/manifests/function/hostgenerator-m3/cleanup + - ../../catalogues/cleanup + diff --git a/manifests/site/test-site/target/workers/kustomization.yaml b/manifests/site/test-site/target/workers/kustomization.yaml index ece1a696c..e168397b1 100644 --- a/manifests/site/test-site/target/workers/kustomization.yaml +++ b/manifests/site/test-site/target/workers/kustomization.yaml @@ -2,6 +2,3 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - nodes - - kubeadmconfigtemplate.yaml - - metal3machinetemplate.yaml - - machinedeployment.yaml diff --git a/manifests/site/test-site/target/workers/provision/kubeadmconfigtemplate.yaml b/manifests/site/test-site/target/workers/provision/kubeadmconfigtemplate.yaml new file mode 100644 index 000000000..1078b88c1 --- /dev/null +++ b/manifests/site/test-site/target/workers/provision/kubeadmconfigtemplate.yaml @@ -0,0 +1,30 @@ +apiVersion: bootstrap.cluster.x-k8s.io/v1alpha3 +kind: KubeadmConfigTemplate +metadata: + name: worker-1 +spec: + template: + spec: + joinConfiguration: + nodeRegistration: + name: '{{ ds.meta_data.name }}' + kubeletExtraArgs: + node-labels: 'metal3.io/uuid={{ ds.meta_data.uuid }},node-type=worker' + provider-id: 'metal3://{{ ds.meta_data.uuid }}' + feature-gates: "IPv6DualStack=true" + files: + - path: "/etc/systemd/system/docker.service.d/http-proxy.conf" + content: | + [Service] + Environment="HTTP_PROXY=REPLACEMENT_HTTP_PROXY" + Environment="HTTPS_PROXY=REPLACEMENT_HTTPS_PROXY" + Environment="NO_PROXY=REPLACEMENT_NO_PROXY" + preKubeadmCommands: + # Restart docker to apply any proxy settings + - export HOME=/root + - systemctl restart docker + users: + - name: deployer + sshAuthorizedKeys: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDK5jnOafJwnoN+vp77LgayzLZ7O6tu96cObzwjIEwOowi2KHTk+G4sUXzE4mt2QbPTbyOF45d/omcRZYixrTmYwwtJ9QGPbwWw/qpCRzVo5uV4qbwBd3iRUqXryOmZRCCFac678JXZS9f8AfOP9rHkh2jqhA6dJdtvqYTOpPLtmw8pYjScH/YqBXZObNSFS5PlSPl901UhZH4FNUAuYeR9JGY99wgM+R9XHRRgfBPJzwzvOQ7ZYfvxb+n4TuBr7u7jZtYC+pmG/eOYbIt2/vexO0y/rNomtC+hjDAXZO2VFwHejYW6r+ZPpkNrdr+5U8s0aENGg4BJkVa2n3LwUrZF segorov@node1 + sudo: ALL=(ALL) NOPASSWD:ALL diff --git a/manifests/site/test-site/target/workers/provision/kustomization.yaml b/manifests/site/test-site/target/workers/provision/kustomization.yaml new file mode 100644 index 000000000..116216c00 --- /dev/null +++ b/manifests/site/test-site/target/workers/provision/kustomization.yaml @@ -0,0 +1,11 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ../../../../../../../airshipctl/manifests/function/airshipctl-base-catalogues + - ../../../../../../../airshipctl/manifests/type/gating/hwccprofiles + - kubeadmconfigtemplate.yaml + - metal3machinetemplate.yaml + - machinedeployment.yaml + +transformers: + - ../replacements diff --git a/manifests/site/test-site/target/workers/machinedeployment.yaml b/manifests/site/test-site/target/workers/provision/machinedeployment.yaml similarity index 100% rename from manifests/site/test-site/target/workers/machinedeployment.yaml rename to manifests/site/test-site/target/workers/provision/machinedeployment.yaml diff --git a/manifests/site/test-site/target/workers/provision/metal3machinetemplate.yaml b/manifests/site/test-site/target/workers/provision/metal3machinetemplate.yaml new file mode 100644 index 000000000..f4405f62a --- /dev/null +++ b/manifests/site/test-site/target/workers/provision/metal3machinetemplate.yaml @@ -0,0 +1,10 @@ +apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3 +kind: Metal3MachineTemplate +metadata: + name: worker-1 +spec: + template: + spec: + image: + url: http://10.23.24.102:80/images/data-plane.qcow2 + checksum: http://10.23.24.102:80/images/data-plane.qcow2.md5sum diff --git a/manifests/site/test-site/target/workers/replacements/kustomization.yaml b/manifests/site/test-site/target/workers/replacements/kustomization.yaml new file mode 100644 index 000000000..5bef2323b --- /dev/null +++ b/manifests/site/test-site/target/workers/replacements/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - workers-env-vars.yaml diff --git a/manifests/site/test-site/target/workers/replacements/workers-env-vars.yaml b/manifests/site/test-site/target/workers/replacements/workers-env-vars.yaml new file mode 100644 index 000000000..ad79874ab --- /dev/null +++ b/manifests/site/test-site/target/workers/replacements/workers-env-vars.yaml @@ -0,0 +1,41 @@ +# These rules inject env vars into the workers. +apiVersion: airshipit.org/v1alpha1 +kind: ReplacementTransformer +metadata: + name: workers-env-vars-replacements + annotations: + config.kubernetes.io/function: |- + container: + image: quay.io/airshipit/replacement-transformer:latest +replacements: +# Replace the proxy vars +- source: + objref: + name: env-vars-catalogue + fieldref: env.HTTP_PROXY + target: + objref: + kind: KubeadmConfigTemplate + name: worker-1 + fieldrefs: + - "spec.template.spec.files[path=/etc/systemd/system/docker.service.d/http-proxy.conf].content%REPLACEMENT_HTTP_PROXY%" +- source: + objref: + name: env-vars-catalogue + fieldref: env.HTTPS_PROXY + target: + objref: + kind: KubeadmConfigTemplate + name: worker-1 + fieldrefs: + - "spec.template.spec.files[path=/etc/systemd/system/docker.service.d/http-proxy.conf].content%REPLACEMENT_HTTPS_PROXY%" +- source: + objref: + name: env-vars-catalogue + fieldref: env.NO_PROXY + target: + objref: + kind: KubeadmConfigTemplate + name: worker-1 + fieldrefs: + - "spec.template.spec.files[path=/etc/systemd/system/docker.service.d/http-proxy.conf].content%REPLACEMENT_NO_PROXY%" diff --git a/manifests/site/virtual-network-cloud/ephemeral/bootstrap/hostgenerator/kustomization.yaml b/manifests/site/virtual-network-cloud/ephemeral/bootstrap/hostgenerator/kustomization.yaml index a88e9926f..c8decffd7 100644 --- a/manifests/site/virtual-network-cloud/ephemeral/bootstrap/hostgenerator/kustomization.yaml +++ b/manifests/site/virtual-network-cloud/ephemeral/bootstrap/hostgenerator/kustomization.yaml @@ -7,4 +7,6 @@ resources: transformers: - ../../../../../../../airshipctl/manifests/function/hostgenerator-m3/replacements - - patch-delete-catalogues.yaml + - ../../../../../../../airshipctl/manifests/function/hostgenerator-m3/cleanup + - ../../catalogues/cleanup +# - ../../../../../../../airshipctl/manifests/function/hardwareprofile-example/cleanup diff --git a/manifests/site/virtual-network-cloud/ephemeral/catalogues/cleanup/kustomization.yaml b/manifests/site/virtual-network-cloud/ephemeral/catalogues/cleanup/kustomization.yaml new file mode 100644 index 000000000..db217834b --- /dev/null +++ b/manifests/site/virtual-network-cloud/ephemeral/catalogues/cleanup/kustomization.yaml @@ -0,0 +1,3 @@ +resources: +- smp.yaml +- ../../../target/generator/results/cleanup/ diff --git a/manifests/site/virtual-network-cloud/ephemeral/catalogues/cleanup/smp.yaml b/manifests/site/virtual-network-cloud/ephemeral/catalogues/cleanup/smp.yaml new file mode 100644 index 000000000..5b96bd725 --- /dev/null +++ b/manifests/site/virtual-network-cloud/ephemeral/catalogues/cleanup/smp.yaml @@ -0,0 +1,29 @@ +apiVersion: builtin +kind: PatchStrategicMergeTransformer +metadata: + name: smp +patches: |- + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: host-catalogue + $patch: delete + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: networking + $patch: delete + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: env-vars-catalogue + $patch: delete + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: versions-airshipctl + $patch: delete diff --git a/manifests/site/virtual-network-cloud/ephemeral/controlplane/hostgenerator/kustomization.yaml b/manifests/site/virtual-network-cloud/ephemeral/controlplane/hostgenerator/kustomization.yaml index a88e9926f..b00a586d9 100644 --- a/manifests/site/virtual-network-cloud/ephemeral/controlplane/hostgenerator/kustomization.yaml +++ b/manifests/site/virtual-network-cloud/ephemeral/controlplane/hostgenerator/kustomization.yaml @@ -7,4 +7,5 @@ resources: transformers: - ../../../../../../../airshipctl/manifests/function/hostgenerator-m3/replacements - - patch-delete-catalogues.yaml + - ../../../../../../../airshipctl/manifests/function/hostgenerator-m3/cleanup + - ../../catalogues/cleanup diff --git a/manifests/site/virtual-network-cloud/ephemeral/initinfra-networking/kustomization.yaml b/manifests/site/virtual-network-cloud/ephemeral/initinfra-networking/kustomization.yaml new file mode 100644 index 000000000..75c3dbd13 --- /dev/null +++ b/manifests/site/virtual-network-cloud/ephemeral/initinfra-networking/kustomization.yaml @@ -0,0 +1,2 @@ +resources: + - ../../../../type/airship-core/ephemeral/initinfra-networking diff --git a/manifests/site/virtual-network-cloud/target/catalogues/cleanup/kustomization.yaml b/manifests/site/virtual-network-cloud/target/catalogues/cleanup/kustomization.yaml new file mode 100644 index 000000000..153dfff8b --- /dev/null +++ b/manifests/site/virtual-network-cloud/target/catalogues/cleanup/kustomization.yaml @@ -0,0 +1,3 @@ +resources: +- smp.yaml +- ../../generator/results/cleanup/ diff --git a/manifests/site/virtual-network-cloud/target/catalogues/cleanup/smp.yaml b/manifests/site/virtual-network-cloud/target/catalogues/cleanup/smp.yaml new file mode 100644 index 000000000..5b96bd725 --- /dev/null +++ b/manifests/site/virtual-network-cloud/target/catalogues/cleanup/smp.yaml @@ -0,0 +1,29 @@ +apiVersion: builtin +kind: PatchStrategicMergeTransformer +metadata: + name: smp +patches: |- + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: host-catalogue + $patch: delete + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: networking + $patch: delete + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: env-vars-catalogue + $patch: delete + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: versions-airshipctl + $patch: delete diff --git a/manifests/site/virtual-network-cloud/target/catalogues/kustomization.yaml b/manifests/site/virtual-network-cloud/target/catalogues/kustomization.yaml index fbe5e2569..1e8b48ce5 100644 --- a/manifests/site/virtual-network-cloud/target/catalogues/kustomization.yaml +++ b/manifests/site/virtual-network-cloud/target/catalogues/kustomization.yaml @@ -4,6 +4,7 @@ kind: Kustomization resources: - ../../../../type/network-cloud/shared/catalogues - hosts.yaml + - ../generator/results patchesStrategicMerge: - versions-airshipctl.yaml diff --git a/manifests/site/virtual-network-cloud/target/generator/README.md b/manifests/site/virtual-network-cloud/target/generator/README.md new file mode 100644 index 000000000..633ba6e85 --- /dev/null +++ b/manifests/site/virtual-network-cloud/target/generator/README.md @@ -0,0 +1,32 @@ +# Secrets generator/encrypter/decrypter + +This directory contains an utility that helps generate, encrypt and decrypt +secrects. These secrects can be used anywhere in manifests. + +For example we can use PGP key from SOPS example. +To get the key we need to run: +`curl -fsSL -o key.asc https://raw.githubusercontent.com/mozilla/sops/master/pgp/sops_functional_tests_key.asc` + +and import this key as environment variable: +`export SOPS_IMPORT_PGP="$(cat key.asc)" && export SOPS_PGP_FP="FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4"` + +## Generator + +To generate secrets we use [template](secret-template.yaml) that will be passed +to kustomize as [generators](kustomization.yaml) during `airshipctl phase run secret-generate` +execution. + +## Encrypter + +To encrypt the secrets that have been generated we use generic container executor. +To start the secrets generate phase we need to execute following phase: +`airshipctl phase run secret-generate` +The executor run SOPS container and pass the pre-generated secrets to this container. +This container encrypt the secrets and write it to directory specified in `kustomizeSinkOutputDir`(results/generated). + +## Decrypter + +To decrypt previously encrypted secrets we use [decrypt-secrets.yaml](results/decrypt-secrets.yaml). +It will run the decrypt sops function when we run +`KUSTOMIZE_PLUGIN_HOME=$(pwd)/manifests SOPS_IMPORT_PGP=$(cat key.asc) kustomize build --enable_alpha_plugins +manifests/site/test-site/target/catalogues/` diff --git a/manifests/site/virtual-network-cloud/target/generator/kustomization.yaml b/manifests/site/virtual-network-cloud/target/generator/kustomization.yaml new file mode 100644 index 000000000..b2f240258 --- /dev/null +++ b/manifests/site/virtual-network-cloud/target/generator/kustomization.yaml @@ -0,0 +1,2 @@ +generators: + - secret-template.yaml diff --git a/manifests/site/virtual-network-cloud/target/generator/override/kustomization.yaml b/manifests/site/virtual-network-cloud/target/generator/override/kustomization.yaml new file mode 100644 index 000000000..b72f80116 --- /dev/null +++ b/manifests/site/virtual-network-cloud/target/generator/override/kustomization.yaml @@ -0,0 +1,2 @@ +resources: +- ../../../../../type/airship-core/target/generator/ diff --git a/manifests/site/virtual-network-cloud/target/generator/results/cleanup/kustomization.yaml b/manifests/site/virtual-network-cloud/target/generator/results/cleanup/kustomization.yaml new file mode 100644 index 000000000..6dfa81441 --- /dev/null +++ b/manifests/site/virtual-network-cloud/target/generator/results/cleanup/kustomization.yaml @@ -0,0 +1,2 @@ +resources: +- override diff --git a/manifests/site/virtual-network-cloud/target/generator/results/cleanup/override/kustomization.yaml b/manifests/site/virtual-network-cloud/target/generator/results/cleanup/override/kustomization.yaml new file mode 100644 index 000000000..002f4ac13 --- /dev/null +++ b/manifests/site/virtual-network-cloud/target/generator/results/cleanup/override/kustomization.yaml @@ -0,0 +1,2 @@ +resources: +- ../../../../../../../type/airship-core/target/generator/cleanup/ diff --git a/manifests/site/virtual-network-cloud/target/generator/results/decrypt-secrets/configurable-decryption.yaml b/manifests/site/virtual-network-cloud/target/generator/results/decrypt-secrets/configurable-decryption.yaml new file mode 100644 index 000000000..c6b8f6b15 --- /dev/null +++ b/manifests/site/virtual-network-cloud/target/generator/results/decrypt-secrets/configurable-decryption.yaml @@ -0,0 +1,28 @@ +apiVersion: airshipit.org/v1alpha1 +kind: Templater +metadata: + name: secret-template + annotations: + config.kubernetes.io/function: | + container: + image: quay.io/airshipit/templater:latest + envs: + - TOLERATE_DECRYPTION_FAILURES +template: | + {{- $tolerate := env "TOLERATE_DECRYPTION_FAILURES" }} + apiVersion: v1 + kind: ConfigMap + metadata: + name: my-config2 + annotations: + config.k8s.io/function: | + container: + image: gcr.io/kpt-fn-contrib/sops:v0.1.0 + envs: + - SOPS_IMPORT_PGP + data: + ignore-mac: true + cmd: decrypt + {{- if eq $tolerate "true" }} + cmd-tolerate-failures: true + {{- end }} diff --git a/manifests/site/virtual-network-cloud/target/generator/results/decrypt-secrets/kustomization.yaml b/manifests/site/virtual-network-cloud/target/generator/results/decrypt-secrets/kustomization.yaml new file mode 100644 index 000000000..4a4ef5320 --- /dev/null +++ b/manifests/site/virtual-network-cloud/target/generator/results/decrypt-secrets/kustomization.yaml @@ -0,0 +1,2 @@ +generators: + - configurable-decryption.yaml diff --git a/manifests/site/virtual-network-cloud/target/generator/results/generated/secrets.yaml b/manifests/site/virtual-network-cloud/target/generator/results/generated/secrets.yaml new file mode 100644 index 000000000..17bb49ccc --- /dev/null +++ b/manifests/site/virtual-network-cloud/target/generator/results/generated/secrets.yaml @@ -0,0 +1,49 @@ +apiVersion: airshipit.org/v1alpha1 +ephemeralClusterCa: + crt: 'ENC[AES256_GCM,data:HZtJf820/r8f0YytJeL1X7EXsKL987I1f1gKLoSNHzSFczOi/zXsiRIWCWH6rYn4Z+smlFtAGufvEM8uPJp8ZdGDlV5zHzjOnfMklOB4n5qOEoEKzwhCgxZaQPBw9Jr0SQBVFOKGPiAnOTkkOgfE5FWra/7SkkmgdLbR4MyHar3y88Eumkrqm4qo3RrfVtaSzTWgygtXME7wRnhutbIiA6zxBsgXFpxoaKMgLmwvJpo9PjSxz5CAYq/SN9mKLYGx3Vyr4ovLjtTIorPlQNW+iL3vBLkwhLP41HKYvK5y+rBIxlEU3Gyvd8493lk6Gh55lbgpT45DYaylC6hD+Ec29DdOwFBg9s8yWFHz8rYVElv5a1+RnOfdfnrfYbNk4eanyZH6PBDyzFZ/KRdMEPGFnMVIQ2ngnDLXzCQOBCTjHLb2FlCSWDmNVFSyDx8CAw7ik1AyNgHScfpIdB/cP/ujpDDhJpFioXMD8gSsX+l0dTDRAZo5ZIIRx8gM0446lmHxWjYZM5oT25PW9SDdo+u7L5oc3kMcKXzo2JxQRY+DDXXtz4ZUigh2RGTN764thOoJQA0LXiW/MjuuXqyXHXY9o49EFHsdq3hgq5DDhcRGTg+0pOUoftmCrpZYeHrv7yYnhiwDi0ot/oZQtIi9GWpKgg4uhuK+gN5htQzM6GNbmibgXNSCJPKeG9AMHErLEzI8SfLh+QRz5Oc8NvsTPHw0OigeX2FqW3rTmbsLR/w1mCHy0Y0IEPHrRMDS4HwzpLyWMvjR2RAHx1sA48su/6qRfxOZEhvOvzX/N06WozO4KjkXWH40oUatxyzH9T0SQaw7Y77eH5zh8PPJ1KL+KhtjpxNTP9CZfuJocuskYbXxeGQgKd5Ky76S0pAjgvpCvGCjCb0ltacW7bBFpblashR+ptRxucI05eBVLSjMRJjxtKb41uUVAg5euNeLVx/r+RoFmbna0NCjOKKXm8k85OORfbPOxXCp3zBgz/D3/+2BAdQS3t9LXi1cF0DuAr1165yxZIT2U3/JBBE/wf/d3T7Z9eVSaH00HI8rJCEhg+Dp14CvpjjOIjYkSti9FmhLNOV2S4pjWzDwsLjV5yGQvJJKApm+yL4NcojfUE61jyDC+VFEmOnETcIfF5nghLk8L7QP9su5eRouqr0NboAPFd6K4Ec9GaH28nRSo8IlDDbVqdYYFzVYAn4mTKX6PWdYzKCISPe1BlYPcRiAocOFqDMKCDjxQuVvMnyl8/VRxJXVU7VMU3BoQ+rdp+/P4lFNxaJA9ewvfvX3Dk81c9AtBJ1t213GEwQ1uLUUaIG89l6AYJ2Wkj2uNfVGCwxwTRDQBsrArhFW8Pj01ysSJ2CNoRfkXBVTm9Pial9PJP3e9xBAoODkLEQfeeWxCQv58UacWnew6HXTf3iMDczH4zfAfGbYMhpVnR/iqkCWemWIq4XpdpjJLRSvpLM0Xi7VsHYDZo3K/bA4aXh9IiT3bOsFU2dM9tV9GR3WodwungbM00tTyQv0ADn2OOTSYD8B1pBzjLQDKn3sXHVyolPkGZIU4T9eB47200nCyaI0BXWGtzhEF9O9lPGg8H9AT6q1oW32s9UCzC4+VVUjXVGv2FY/QIZBkAtFnT4NC2P7sY0EpDuUNfWSPg3gYRTuIySRxJMCQevyC09NsmWx0lOiECmcvEnHh61VkmTeorHaoCpx7Jnb2TceYTCB/6fPUo4wZm64wWxpE7VDozpBL0cqjutuQuuDGKQQ153J0Gp619hruPW74iNqhoe+Qu706DGt/ZR6tpgC/pzmR3qno6a/xXuIXgBFGLJpZJNMcbFaWCsjwB8NovBFiOlTOZpdyhSbZi3DQV+SB0L7Pjt9DnGIBhKNyR1VAxoNMcA1fBw1nH0o1/fid6l42baOWc9CFOwyn72hXw+9QAh/wFy0g+mBRpD7gfl7mqr6vuIILFmo0Zt5FA==,iv:+GaLzo3IZQUbrKH+DwoClgPxECOkhyNkKwu6jj9TFes=,tag:7Gouyh6wTV0YG+MMkC+4bQ==,type:str]' + key: 'ENC[AES256_GCM,data:PYh6RRCwUbdFOegAET7Gy3g+m9LfknB4vCq6amB6pOW4Ebp3LmSjWk3fQBWIaor9J9vhB/Irp/LRcwkPg1jdyzKMP/rmmNthdkdbst4oDcZVI2B3SHUVeJgDM4qN4hZ+xHVgSx0QFS3ynp3KA1kweMis3/VqjwGY8835mqVDjNv7g4OEcmj89HZ/cPmkryf9xEy17cs2ixV6LCfB+8LGr8OoKCYxQFetr3auqEKjAnUWaKpQe2touU2oF5iwVtxThHGTu/ytOyRF5yEjHCezt1B2U3DQ3Vy6nt7PTMA0X6QtHHdP1mOIW/DS1CokdX6LaM8ynosH4XqcQMiP/HfLJ8ymx1xL6zl+CkDGS2gTCyYTR+Nq3jwwhac9G2Pa22IpeMipCKqVFGzbs/bHUzUAfj3Arje1ugCLdarZDVjE2qk9UYLqQ8Sw5eq8jEE1Jqh0GyAS/8VIWsl4+0zggSNYmDmeC9lMKPM/ltMxQg04k/gTKyHKqaeoqs8z1Y26taojGUEHFFJhUcO92JZiKlYbpE4lrm60fuLIl6uxB+mSKJkLdFyCON6QhA7rorKM5CZQb2xrU8mi+NY0O1h1MwXsTIsiXLZcDGzsTJKw8mhnRJGWLpqnJ05Y1/DgvtV9EhuaR6pORsovjP5UDH/qiO1n5gMPBes3ikvQkK8C0CcAH7XoVreVe+deEP/1yHnL5SAMP9Rq0xFJ0AupZDyDTDqdkCv/6ngfqcq+NMTinKEyZVyYy5bb9T6bgYoKAuUYnThttUnDIRtLlKLKHwl1VLtoVEpisd7i3WO3Ul6HhJT3gqHCbGVW9K7SFSotAumChmYnvXSVn64F3+lmyDbyUbttrkeooAZftYP7zjC31ITtltW8D321omb7cfwef/iW/bKtkoqIOnENpX0xUkg/JFpiQrTZTOwVCKj2i43whWdel2XEffD6nMSyys50UrOxd5CunDxXvWP6+/+J2g5GcI3JdbGGE/gDfT5V/9v+4P+Zb4/ayL3KaJbuQksQ5dqR4+QZogyjWrAe53I8UQI1B2YdL/ECoNc6QRaxby93Msl2Q7pShsR5tQBjLtgbeiOdIfmQ5nccfMbUPwubYUdErSZhpuquB2avWF6YNwCfk+oj73dWLPbNtALRCNY5rObhVb+T+te1MSxrZJ0tXQToLEk/5AUvrNNgYqD17ssTHuSKGhYkiqvynvIhXd0lTsPMDUV/ecGGh93PynRNhDVpVA37zl2DN+KOEmdJYOLVWgg3zEHoB02rosf0t9E4W338uOOq9wIFbQfoVfhA63vy/2B2EdpKZUOsqgNZqI+VPnllH5uaos0Bona2q9XnIApfT5oqTzqWLUrfw5EL6B/aKunFlVk5UMj2Op8RtRV7qqV1ybVV6azTb6Nf57lzdyyXFj8lmkDZnOBYWuq8ZpXdzNF+PJCKo4cob5VHATV9XqatEfOcMcDyvauh3Xtn6wGlbiD8K1XcrBgPoKxHNY4BjYX+gBgwSu+RqRUVCzw7wMxj8MLg5yGFr1wIfN3fOIpHXNKRBlcaUBujKLXqvsn3CzNokYYXX7Zp9oH5nGlzc+UP9PHGkt2WGDggAfqQ4wcoKk9MpxKEpGYWdblgh13ySZToA2k0a1xHOZZykDTSrxQtxSqC1ht0i0Oa9M5KxQMd2GVfcQyqV/3gZGGJ67sE4pQXfO4fmRX2Y+fcNqhLwYtcoILV0pAiy96y35sTLTTaokMvbcYHbPzLsJ4oqR37c6GYzWERL+Yf2TETpzCQSJpqmOuD+yXbOLW17wpWrIf3wfo/j4dD3las5fBXN8mPcd3a25dR+7sbef9dNMsOqsTkgNGstW7nSp/tymk4HMiVlH1QFGZthfg3I+APuP+Jqnbvyk1E0Eo39xwIXiMRKTqjT4hap5WPd1gfhIBe+Jg0+VZH/IoHkNbvVxqoFHvYStTrEe/kWo5Un2yBrGw6OlE4MNJPgBPS4F7Q+xFZod6XxcOYdvwGlNiYvlb1NRmRMx0Qlt1A7aISW09cverACiR4g108Z52KTqKOzAP5utO1iEC4je3XfEOdyQ84P1NjSxHaf8AIUjYX+oUDgFxsySbdmQzkKIqg4gyw+nVrdARYpPo0FvGVSckKF5o3M83j4P3jWaxcVj0qB/63zgdAgPum7COi8xLBViCXUsXYEczrvZCbCGTv2syGiHwLbYfH2UrIqyoSkkZ6rzZZwD+BqM1pWMP0MNEwca8DIVQFPcItRIt2vDktVmOJe3UJ+7lk+27Q1bC0DbT5PrEykXsmo8H7ctO75R0UEuQDmjuTPiPcTmxhNIi63fu/eW14SmI5m5neAJ6RSfnutCo9ia17A4K8epuZQaoerJgDTfm43uNlDPlPgK3oYHWJE353TlfA/Fkum7g2VhMJ8ceV2lswRjN6hVK1+l5ez+tXRkkjxanIfSBRZxW/6ooM5en2zyzFqV2VBEawZEXG91mQt0aQQFM9Ukg1I6xVsmluNyFGl4Z0YUmm4nhjmCBjx2h2Qe94QI2qBLbrQrmJMiXaqFHZM2hdTFrx/wazywS+eIazb2UbaGsLa8G78nPkYJck8j5pKbUy4MNYZz83iu4pXoaMXDNfQDzaXnceAbOTkeYNyLY0Hrr8h55NFFHY/JLEgJrhdnVt2nSdPxTrNDUQCNUtWud4mVSPMSqZGNXN6ZNHJkt867H/aFGc/treT4xe7cUaykReH2eRSLC06wM2QLyMD6WlZw18QMBRE2n2PfnfaL52YNYHyuIvNzf3HNlW7G8VOOcKOSAanTfJvQph9gAoh1N95xib6u9c+LhPAY59N0oGBCH80bmKYAnbbEgn+1Vle3x9UwGnkeTDR5yo+MWJVtqoLoKggPug1G8/+sUTgFw1gYpAx1a3KM+CHshswMwC8T4fE7cC0J9HuXfeIKm/oIfoY5+gVb3pGdvlXI3C0tXlpr1Iu8a5O07ugH7j+4rzd1o8Qb+0duVEEehKNWNSZA==,iv:JYJ5gIun3lEN156HbX36zhtDMOjUgPBWeGqRBsu/8Kc=,tag:Sopg+BPB6Q3BIlz3doAx9w==,type:str]' +ephemeralKubeconfig: + certificate-authority-data: 'ENC[AES256_GCM,data:fkJrkl1wkOR0rmsEuFCK78fSwWb3P1THxN2pXoMMnNt5AfdxLyYTb2OczfdtxU6HdrCeg3myibW83P4AIZfs5idEOKYeNgh05UDYHy2kxjIqYr8wBFM/OEe8okI0+AK0Fw0TmQzv3KEm+9yWfava5uFMe6eboSGwZ/CjTUMrIihTbw3xcHJ2PY2Fjl2YqJkcERauLBrLt1UyL0r+nTVbaqJ7mtziVLssv8H96+gTo1C1OaK3LHlHYjUDnK2Zkwcao6EqCxnFQfxlX4b2CkaqwUbs24sG2ewiJ3smIXPTWeLMZB4W/GKx7H33y1rATm+Sk2LixGP0zCXQl9AmETsQfZdOaLZEmdhizwEIyQd20Utb0RSGlP/RBclwUpX08DjR+Oq01mwUVJaDUpY5cOlO6ziFnjeJXZM3mQQ/MbLFVvkUUm0rGsRkYWz2XA/SQv5H3rvEUpKvBn4+MsIL0tID8ciBKoKvajP9KLy0l+njEAzJgqqGWdgO/ZhQ1gaPzOZo/OIFKH0jrhgs6AVG7lpm5eD1kgKpkux9mo9FYOaNetdRCyUnyI+cV8Ikix7CFfkVGS4o+FTDBHnZ0D6jkqbjimv+NwFCxzUxTrHcEBW3D5IYaTP2GVFkieALMWMF3foYhAqUiLfEjyRgwdTZpdTPigD1iXIVk4QUXONTZXmgGyrKabkFh730IT7QBDlRmvrwTIaJ0WDaHbPesL8ZYsW0MDQW1u10mLLjK/3BrCzb1lltasLQWh/q5e0MMFG1s4G/3Y0u1Lrs27bK1/SrMhhUwX2gxaxp5fWYARcKRtaarbZ1TgWC1PxqhUmbsvP60iPGn91qlGpMJ5VUdci0S9FQM/I7HoO3UjhhhzMTiQUyAWOu3+0QIDw0T5UIdHFbZYmqpn0XqXI8bhP8DPsHZ+XKEJRsBktl9/zdcZ+TY1QvsbtC6JgeS/P7RZfaWG74N2h/CgLiYuWpyuVxNlaYSpIJ9PNesRP1GK3CUpCp87H/MN0XOboXH9wLMFm7O8ayWKqOeVdNJ3ziFk66LsdbpxMlqy8CWrgGtPbgpDK8HkhlC6ra1BG5wAXUMXl4C6p/+027Et+IOuYwY8tD1z2r/wWpf0HcUrrMe1nHZv1vMszSA1i9eEBu6cAR1u5mKCzjayn/QEaYeGm/ROuzDskZy/KAPgpq6g2NYHqHfTPUeO6eB3+e1UDWJ4scPSJWetAFocr4TlZCWygg9Oite8h18N/LNziVQZ3QavUdCL/gZ9FWlS9i8zr8EFHYtQ3xJTC/g7W9EZkuNPYCJi3x/uHzc4sVfHK/mfoct1Gsbnq8atH6jDWhR1gfPS65AHQbLmqU1sRyGcwmRQAa8fiIlUP1VbTnkYFpXriVyfkhF/lBOxIMwAoe8OZ5nLg9pgnB/ZacZ5rEw/M1Fb3WrNdPYxe4pG7mgW6hLSyhkPEqmek8c/ZL13psgwhrsuhO90NEf/uxVt4HrPWUNdninHqiOjSB9iXgGaGSIUdCmLNn065MeKnOyThneHor61L+WarzDIhhZ/OUSgiKKGGvXPfKRLqMSXWf40Qy691EicQDjpu+RWkDy6np7WrOWd7uYBhkoz6WgQODB5Wm+DGob7eIxw1V/xiAuF0nDi1RJc3xEkbkaOX8LrUEMUMvvGxJTdGNfO8yW07owM0PddoUGuhDeg+g7SLUlHCJUxNpwi6lti02wbAZ6XAxc2ltN9fNZ98OE1VMtSlX+4pFLmMxtb9S1N53YS7MFejreADRoNskyFK5uYuPN5+a6lcOMHnXSKZnAC5EZsl3AiuNNIS2hIo4Hx7YJFZtB5JlF9YSjFXZDnZiSwZAGvhAUHq2Yn0UVModpN3TrBzSelJYwY+aQDJ8bSuQAp6U/2HJ2FFQFX35waZMHYqPyOlXiCGeOl7dYV+IpCMdZZaPzwI4EzjZkfKpW/FZBtJ/p45IytHI7gt/XAsiWQ==,iv:KxGVXmvi0AMbUQ1YAJTpYH5dIBA6ownuLtsI0K8Riko=,tag:j3HdCtl9Ptj6UH0otSsLJA==,type:str]' + client-certificate-data: 'ENC[AES256_GCM,data:AHrZ8/PILjb11JmChZDN43f8HYcSDUgj3//H0T0Hq2dAypGWNgiNQzhuJDiEj16qUYTJZqywhV4Ft6z7kMpI3wx5GcKPnYHr1RQkiufORR9QAvD6DImK9/dyxF44htGkbv/8x7Xi/Fg61oDSXa81UmlHhXHeoCvHRaiAhtPtCmMPuFraCCWVzzxbqIjgaGWTaHQtp17ClgANPyt4eQq+hzk4fMCYKSCoqZcCqnklKiYaZI8lp/feT9MW4eRNJG6nrhGhEF8+DklOmf3uzdKIuq8kyBeHBD5gJ8mwj7N/oFHoWG9XAPojjs7ddU2QbNgRWroGcJEdHWNt3bsqEDkRc3CMEwMbACEIT1f9bGsnVwFVS6TDtJcNoKcp9rSyohNkcoeM2Fp5aweMkvof7+773rHXO7XjSKFhb/EcvES0kBNTVwAGAJ42a1gWgA3aXGllXr8jiFMehPIP/krgb5rqDiRxRY9BDQR74x6EV7la7zOtJTOSVBRe/CWhbqg7H9SJN08WY+4wcZ95+Bbi5pup0J3ZY8HUU5poFC27YLNkpVBLKe/95LKAtU6jEuYiPuOICVGlXZFIA8NHhFavenbsGxULRM+apKLFUIna1Q/w912kK7nWYdAMDJqgoseJz7TeARHDXUagWuwTPJLw9eKi/c0eS1cQ/d/Wxl3hc5v5M7YhxJ2jU4j0weo9hbuq3F3nHZ6eAB7xUZlP02MAuM65NpU0+c88KC9x9p5rt64+h5dssrdgo5IL2MvDAuwHztxMv5TMAp9ZaHfR9NrKYoBl2sSwtDw1Tq7QS9uoD9jbuIMGi3MON7FQ0joD7NrdATeBY2eJERXHrVfCZ1Ft3vpooiyYed/FKSlp+CzPDtYnLCfDThv/dMw9xSoKPbuigGxzkdvFfrLhkelbwKH6j/5xd1xKIzvzmRvGi2LDWHG6qpJASLrNBvoG2NdpEpIgewwDyUEk+eA/BZR8k26S1QuIyWkKn8jK8O+0I4Ff1/9Fjv6RBw0l1e6Na/3fT2I9znpGoIwGXBSI2HMzwPwj/VjOjM5pUfI1rza3FfskiN6to5hCVzZxTqKol8FkfSj67MAC1yW98ryM4RSvAHctbNqZal1Q39drgk/p3/HqTyTYWtTjNrSfsNg1wn1Qz/MBnebVHt3I/C8bUsJ/jQ4Y2/6AfOnQP9teO8LGw+C1FDj5+9hmmV+aRL9zA1CZOrSonBiUZvJRsh5tm7ZSppZ/dLh+barslw28go1NPqFNSBXdEqQgxMCTkVL0R7M/0W9HUbM3IVDX58TKijasJ22K8VfOYPR4C8plcAKosBCdpL5W1qoCpFpeo23aOR26LCuPHi2n4A5OxqeXHpdzSD0PQG3nhJQUX6PBY4wHDwx9q/fyrhcLl+uC9ezib41iRV4wRUpn/6exnvRCmrGpzuY6A5H4uWHSp841gSO+EANPtCaSVYb+8Xar4QV+cE2QrzzGIcJETgpjyDZGkw06vbU0jI01GvQISJBmLkeaUZvFFnaiwlBPpclSRyODGdGqWmVZz4uGJG+CB0WlZLIM992nN2Lv/LiiB2RdLswRGhD6mBSdpDpaEth2oZRXdgbfPOk5d6Aqqj2r+2TQMAZzyj6yNCLmjkQkl0eAdSOQMK0tvuZ1b0ft+jnW6qr9BWR/cXVoxv0W1mBxA9EvNRphXefNr7obAx9PrAjyB9mmr4v+sWxrVQk4wgmrEERzhXip1DwuyTSZFcfm4HtA5skq/QcVRrUraKOJfDU7oFq/ZMYPpbgFqQrFbjG32xdoj+JPlCIg2aqYX1uJwgrLxcZutTUpGllDBDxbiVbd2y0eoAvw858a5rXjiaay9llk447IofumD19ndpWjc5/DrJcWKvfGV/f05YTCrISAMBBcEQKpoP2NmKh47eV64l0zpWAMevuWET81jWgFE0AbpbiRGK5zO6J4eoYyqKvmGwSM/c55RvOyBPYJDwaSuJsE7Ydb8aboiYF5,iv:l0za+exweqGI4ND3zfdLELyAy9fUsf6GAxgc552p64o=,tag:sUdZIebwysPNteocS618lQ==,type:str]' + client-key-data: 'ENC[AES256_GCM,data:WeJY1lARUlPKfAixbJEFrf2ef75yr7zto2L3/rXmDXAPlFjqy3jwRbPPIQd26VAEUIYd6C9BxdJoq7yzlF394GSjiHWjcGnR8B3ELwvxVtxdyWEqHs4TC+LwyG3/5bv7ZMIo51USFn8W4UGNEJ8lCX8istzuDa4JCI+LbxlTdr9iuMaXDtRhqBgR/8aabQtCb4J3udAbhmUlNoXiLPDdlsntD/ZxTmJuoevPGZnfaPCcb1kTczP//kmGutlu74Z39FwyUwCo2k8OnXnioqxViUgRZ+b+DgnqZKmCTMNgEy7a4QnmGbjWQqXCNGI0u3OcZ5VWvp4BYydrx9K6VfHbu/ZqHQ0GGKpq2va0nLlQ3AneqQMPOqWiihA1tNkIkXYwjwmVT+ny8MLPpSYa7gc540iTh42UuU17iX+N8f0HlqSv5VqjRBUi5osXCKZKt9nzh6CKEySNpwU3SsWbI4zTIQ2HygK2r5F5H9VSATZEi4rjW/QIgKHIN7AQNGi04M3hiJKD+67sTpr84s2x79cPtskdO4XFH0byzzC1Rk/0MHDhaYvgzq/SG6dYN+dPctW5IRGJwyc+J1eFLHNYBfRnQEM9OG9YftlxXAL/ieR+3fJ8UEwxLJeQWZQxhe4gp46h36z9jf/nnVBm7A9+m30wkOAe3pyvHt91ZJiHTJHIHuK9+C5QM0VGEGw8ElPnYR4SzwkD4YzYZpAMguEpY2hTZPzWrW8hc/6LXYzAJovrODq4ZjNKkFEJAWQfM7NC6VyS/NVbhUIK/tCmCN008RDFN5Fq5IdRigd8tFP4LfUQmxVxkc27Ynd3XQXYWrNyAe7JMUCWidVdQW99gjiWaI+K7oSEntlXl7XWMdaChdG2wlIQC0T5oQPgGJ2e2HamcyNzS17etx5TZ1/dE5GH29V8GSAJbP4Kz7xRrzil+c/DLDeGHRAA36VJV4LMcJOZzkfqC/m8exILOLWkpqz98sxBhpPmgV41yZ81bMzr6OfHbYQ+wjDzLPwQ/hvVKmbhxVX1SkhewYWbDT2ada4rVnyLO84oZ+dYBRQ4IGt+qjkyqn4lvduipUpFcynu5SRQ36axoYxF5j2SNa39SqA4i+QcftFrjUlcs1c9k+I5sDqvCqkFMukVmTv6fP2bJPY+js9Ixc44ULMbTdb6LFXCKpigNFyr1Kyu0viF2/9Y5Av+lDgXOi5obApLemcVrs/Pr3u6GvcT6TWiYgtv6Sq/x83+m3X86cPRJZjM8v3utLrVWPbUe++Uc6wkKaBcSsKxaUnLR+n/GB9ZIyjzgmogAQ77ygj5AOWzxCidU9wiP8tvV+1BS4P/LSPFdSJ8khGORr4drvDvlD0hHwEpMFZQz5TyZCXkrazOPu0Lk6I5LENXHuwfu29dkjm0s7PTnPxlOC2UXTf42V2rsxVpAwp7+AuwVJVJrinBlQd7aWHXISWFbisgyEn3FEvIVDqMIjLeTtcmGeIwSuVwCpNt8OYmbcUCdRN586Re9ph8BPFL5Bbffw/O+4J6fiewEeRImgXfj716c6a1KjrhfgnLQZ+wE2gyFoUcu8YvVdu0L4YCIT+hhTDAr0LU/doS0bYj/KDpkzyyw392KTS3ZgHl9pU8WKcL3x6Ik/0qbacvCbxPLvfwWRfUA3seOqPWlMvP2i6u8poAdy+l0ij4XYtqvQEWoYBERrM0+5EsyfJmJtOZYoadTtsJV20s+j62oi0WKqys9fVlI8bzq/ygY+GuoJud7AWwbst21xiNLA2JmSAYNlaC7d5WKWZvnEbbWR2zrtIWq3aaXJFgq4Z6Xbb6V5HIpuJHNpK0r1YK4mWdY2KKFAcedawwmWAImQTJWXAzgYboQdyU5ccVCsBOSGCEZHSRkCXZN/ZGiOYr+ldqYdU2ngtUa9YB4jnbAa/Jz9C+EY4B8OYrm/VgoHOKz86gAteYD6eCCgeXSkjSX4Ju/7LFkjJsQnaRBTXVg7Cat+EwVwWswJ5cHpCBXUkSczKWwF3fj2OC9qHXjdAxADH56S7bG3wxnIMVNhqxT/7V0Y1nweZy3gYToC8pUHE+zxnhCpAR06iSC8wnkjLaqpCVlKtPYhRJTLPk1rWHENQS1AwIVJ0dLmGCqgJCv1aSnX8ykRiM0kaC4lYlK4BZMfe4RATt5UI6pKjv4lwyMVsdykQdOWcJSowADRSiLT4bui/4SBPTdpLTtN6SYpdUJ9UcoZhg6aK+KNEfqgcXTq3uiGGILX6yzXjbcHpDyFxn4skwGTqBoN/2fnfGdiWvP4RdZEtWELphPN4ZboGo8iQT/ztsni0ZeTykuWT5q5wQUncQCrAeaDvTco3bN/szi0Zngs4sIPY87WiXAhz5GzA44y2UMVZhWtAkXD3Y+7WgtDs229/r49MSmUElTC4/oxg9wSxpN1QtvWKdzdOWZdmQxHFMKM21ys0yezwo5fnsH+6XifL+MBaYwuiJf5B6Mvh83M89z19jmD4xfJd2o1MhaC0K1RMnarSYH4Y26q/2gnnN+Os8Jaag1wZhKl82M51BjPZribLj7yRlwJOKon7p+NLkYML51eObXv7Y8S5HIWNmaZD8CfOC2gEngVl5bog52wpF8xko3JtdOahizovd5G9HhG8IBs37rwzOoVh8J3wY1XGXFXie7lvqwT0NgCkFFwwD2K+GuEqImrV9iW9I8OOYXh78n4FDw2DmLQCW9cCMmFypkLlLxmQ/5JOJsGsaF/wklSZ0oMsS/wC+GW1AwNAO/e4iimNfxH2gD7Z3lTD874JFVhC5gfHgEv3M6NCEuoArJh8Gw2h38EpqlNcgAdnF7fr4CcLM6VFGOw2+D1jJXGQ2RUgZnhyPZSFRN53AQROcfuvBEzIXUKiW82eh3b3/FtcxTUbno7O9xkV0S0kPPYBg4BKK2Kmy5cmFLS03JKA5KvcSOHT7QpVG9oVXDQtbk/qGQZ5osd2Dr/pR5lmjnqHMbc+530vx4vgWjKzfutTYTg==,iv:QfiqUy0j3UUyhgyBZrTxdZV1MHb8+fugIanpWDOrzX8=,tag:y7lmjUQD6mBOTcEZBL/iyw==,type:str]' +isoImage: + passwords: + deployer: 'ENC[AES256_GCM,data:f8HvwuwgSQZ+FxleRdE=,iv:w/nOspDYaQJYUrxDaatZqfwzJz/MtosLLOw3BAi5kps=,tag:7ZxUsFiUsX4r9nx6Rf5LCQ==,type:str]' + root: 'ENC[AES256_GCM,data:llk5QE87o2EwzNTEfOA=,iv:xAnpHVc2rv2Trex1YzCmh0VEKDC88X9pWdFoOfZeofs=,tag:/Z6/tjBZuZMd0xgn25qrlg==,type:str]' +kind: VariableCatalogue +metadata: + labels: + airshipit.org/deploy-k8s: 'false' + name: generated-secrets +targetClusterCa: + tls.crt: 'ENC[AES256_GCM,data:dHn0PTHUtSPdvuojub16FQDoB+l2ulLdo+GlPKwRkjhZMigNu4V3QRSSFKM5cnda9SJbk8s++RuZKuq0r+95mqqsCCg5ygQK2dh8yimyEmax7bxXtv2iL3SwVFf4CUa+lmyV/rwHkagjQqOZAmgVlOE+lXmpa76DrX7U/KlQIokyYrt5juxNcrjq563j70obPuyapFHneEoylwdM2NXwBVO6fzX8oz9DOB1deBxsiCkoBfQRUbiH4V6r8Oc1XvGOGhCHMEIueFXy/f3IzzD3HREH6a54l6Q6E/OmK27zsqYPYoA5L9NG4k7FZLjZu9UsIMKk6V8YN8oUYUX6AYnlyiaRobBqVoLf4j+dHibgPkQC80iK5fMq1Ob/4uIxW/cm/iQwtn/tHhha36Ly9BVkLUMirk0jgcZIg2o/fpYohaIlcA86ufhpr/p0mNe2dinreoTWcZGSmTwNwGdZrUbYBMJnH+nNoj1tTZVOd/L6skHCvL7/l3WJHflaw+S3hr+WAEjz5vJoxgkU3V7myz3rLTfMA9Vl+0kxqcrLvuZQl8AFwtuZm84AZw74ruheFqvGs1z/dyoA1hkeUa0MJdg2iOot7rt+Y6ZWwAIgpPEAaSyWuviI67N/dhpkM9BNutALjwJnHN9uZS30YzZXCFpK1XM7K68nvuHVKb7JM6SIzMT5DahTqXfJ101gmMIMsbqBD9p8ftQTwYZSMWmjdojRlC25AtaD0UHv9G3SXZQyhgU8ZFmFI7n+gtwihlozOcAo51WvDRKxbzwf4wrY2VPORgZa6L55FF8mO1NrDrCWTbwDI33Me0i+tqYn36cOj+NF7je6Reu9DpSiECH3+a2tJsD2UGxuL37dutxk/PtXuG7N6TfGj4T9lVCbfaLF06i3oNrcNSUKF1pbMmOM3e50FOZM9gycfNWm+ONJk9frzTT6lha+rDEvsGld/6+gHVMWct7Z0xDgjohlEjs9YjF3gjQB+LF9I5ndRRbPXXM1RFqqSdkz1celXD6ZOGGY/jtTELYTXrnn14gYHhxa4NFQ8FSulf47DpeltBrUedugwuXfChmn+Ty1/5Y1Owm8fB+xjxGy+8FH6HonEzJBOVQCFnijjJ4TRCUIztFsMIMM1CdVlr3/ivxezW6oFyuqRpq3p9Z1MXZEXrfMk7vI0pSWfHl4gOCXTd1dDLSGFfpdqjxe2mL9FhDvUsXRURDnWPxAnYQX3D8NIuoykIaUyH0T+AVfLH+H2lGssQ3AWogHSVz5WNYKZze2YcWlGuGWogTLhaRXz131Staqqb7QHRId2pWsnoZCWNcWg9wGVMRj9RC5IGMmXNKEIMZEV4YPsFPh8yYv0iuqOi3ZGcWCZZIB7LiqkOkI1AoZaIL6zuWC+WOahsvLnqKTMDyl7jTZle6sQS8AiDaM4bZ8GCveLFB5dN1uwDD8HA7rmwHi6j6udN6Zki+NYj4ut2Ci3cfpWFgMqzTwn7M7cooq6a0TYicwgNnftKtY9trr9KUI+s6yN73bXxK/ASfwABvUGbV2pLZ0zMjiAk0P/M9n11VvleeniRMsziYlV2ccRLYC3KLdZdhtvNnCn791X2p1E5kQhMcziGDA4MeaoKY7VuqW3PRSKC/bze9UWrwYMYmnktXNeY4uWurP1cMCGOuJ1N0IcKHnwmvZHKB0ZAxlZZTl9SlZ7ktzcLlaYUFTIYdp6RqoT7vqnDCJLi/POYpKq9CHSCuuqJu4vnZfW8fwi/CBZQt/VR/jR7spVk42UYjvWy7G7DYy4hsaNZBQM+RS/59vgOVBwdvKZRiNPQUMAGvDXYMbp1slU+xHIYhp+jyBflt9RHuaKAe6eFyDEyLz87ccvqBFCDSFbKb5VSW3gTTfV+YU/L0kkR3ZSLghg0QQRwjXJPpacmP6Yp4DmJYsJpF3Hi6gUD0EwRBTPhGkIgM3FjZYTE9BVBA/Q+NNmH7MlA==,iv:6j/U4n0YatBxXxf+gUi6EzXbJU45jc9KZkWOtN0QT60=,tag:iPR3lKvc2h7hpOr39zcI0A==,type:str]' + tls.key: 'ENC[AES256_GCM,data:nL5+ONfbkauHH6DH5ViV42F6u8Cvl4bjiTEgUOmbU1a/nyvUUnLCJlaPesr1iPlj+VSlAEjj2FSTy+yi/4QHhdpql94dPCH0xLQFIZKqMegHXuT/+ID97upY0Zcnpa7vRYXbM1ev5dIN+0TkMAaVuCbXvMHG0i85kNKj1FsuLBgvTMfs1IzSXm3WsVIsUJHkGZMPSjF+SvfQ8hcnEiduLbkeEtBoOzLSk4EOgPbrruv550DR3sYb84kpRdf8gUpGzRq1Qkr6ELrnG1f5osMBUOwA1k/AiA2LCtEUPJJPb75V/AMrPQxQke0C7c2m/efk4OdJDpcnlqVXsYQpk3MX9qz99sYS0BiCZ/7cy4o6IwSX4lU2iPQV42JVb4oAkAleCja30OhO9cIAiW3QMBoYhSxD+sFHnW1HiJdsNhNBupNk/d8Vkv2VQg8+Rz4dgupd8b/VsD4nALaYS84JK1IsWClbd0y740LUOa4S/XSa0gLl1njocw4bg98XGBjiEEG9CB6jBOgS5LCL8hYdE7a9FX8iCRwDI67MU0ah7vx9hWYoal1Ke/xLWQI/D0aU0Zg4RXiykOY/HfLxzpD56CrUq2GMNw/iWzDXoCCM140G5l0vDBINYAbWtpYqRQM8aQM8yh9wTgA4PJsSDLOZCYi66GptfPXQXjREyTRyqVOx8AoA95Qp4ggVcGDz9uRYYgZknxc6gxcsPoKXcY4JcwwK9zp3dsxYN2GGVDgHstzVGRiWrm9vn5Y1Jy+x0ndvjC3HegEGju7OpkOsVYMl/u8mNCzi33efGHkA6DqCXA+n0DF8slHEeb7SngQsP3L2UbfMPOPSMyFFXYbWe5h7YP1DvPhsrTEAcvxIbOl/aagh9GJgLpq1pWFgYBL+4Lko67gjZnZCd+WTw3/R1W9jnuS7AQ+x0Lzxil6+fGIt+tYQ4QZChw7rghqoGus6UzcATe6BiSwHG5Ltj799iqsuLUckFFATayWSHYfDs5CsNokNqQRTm9Ko2YXEigLb1J230WgoWBgaeASL18vZ0b9Ziy2rWNC8ZHBis1mYKZvSlKhy5jgXBWSDYFjI9DPGp6hWbEefYd1KpgVN1g7aHkv7dZibKlEM8OkxB/jdncAruO+I8ROSFfj8iWVFjPuekLNqrMfubHJbXgUWOsp+BzQwgtsqpjVHFK55u0bJNZ/v2G+whzQA+VnU8RS5SVCV0ZpzJIsG06lBbhUGdP4RIJjhRwy8LI5fjwNshExsZPC4FcCV3n8bBb/8aqJIl7TQ92trz4QWSo8Yo/6rdKCIX3/zADHHfjgPjOwLw1Qy3QrMc4kxHcEk8b9fgHf9+Z4H7k2ttdco2W9Jh2utNk5Qq+Zms3XTl0Cw4gIaZIndg4Qr6ZBCy9kzLva8DYQgJLNqgrh67CZ2SRGnytkpNYQl4KgCzbAGdKyZlGisUXaqTMwFxGEMb9P8HKgRUo8t8mB0OySg+2a7UIL4EcQLQLeCMyLgCtB0Mi06bHdh9Mo4AGCFGwC3ocXbn81DdpzMKQDzKlqxTFwYPKn/PP15TGAhQaP/29ECAFiXTrouvl2wmGnpiSsFKWN1391UzO21eBmxwCMf970M5uDMeOak1gaqxJsW/ck6BnjmUHSwZv5r/pTBh5aDjDiylKC7+sH0/Xe1upTcb56Wks7rj8hf6Vf9l5kn9lZZsE47PeHP3JZgosXyKpNdMmKsD/kKvMZ2X47KWfRZoMNEY45rwnnYGErKAGqooGnonP21eXXiXDgTHt0ykGP0A/ecDMLFYVWedLKVb3pUi/R907GgMPBThwU7EZNZgnGLzqTtRe/hCZvJt3DHBbHZPRz/Qy5RC4zZftj1HQ+B9BXhymPembqSv/DE7AwvFHjP2W9ZFsPwE55AnldTcRGfTmKIz/Z39qf1u0HP1hV3Z43TPDaE1HO5amNQir8c9BdKocyLT9TgErX6EnqEiGB7lGwbHDz52VSHxQAswU/uHBRSZ3VaZ5WOpQY1Wq6PqZbvVxKXASE3zMoik9SmICfgSeY/HJZS2fHk5rjm7uKYgEL2Zkg1/hxXIQJs7slc7znhM8tdKZoAa5Do753cidM6PmbNwD+DmBwT5nZVp3KA5ffaMUW3YkzaeqBgkBxnUamhIwgx0E7kyuvzJxENm4XITI74wNVmFYSJW5CfI5zPKf9yWxOHDFFH6v3hdoLOC47f0DUZQEdGXmVyRQcWEbfgmiZ51qfdi88A3CuUDmR5VXAVpA7+7wZkydSVNWfViOCAiKEWRutMCtxktWTTNBCLOoaC/jEOjbuD2jPA9SzSwvPnZeT9Q3osuf+VxiwzGIIND4PpMHrG2BYT3SojLeIzOpUFnYYRbV0jdU3qAglJljJ87r102UfynejnJpyElPPh13mZNkHUW7dmWQATqxux1bX92ZfbSSMaJPMulK9F/DkZUcV40/LAchfpPTJ0o72pTvVi30o5VCOv5XBH0A5+clQ6hs2nLY3vd5TF+EsgFynRUoqPuP5+WSUO/zVOlpw/wd14wHmaud4c2Z9q6bDJeJmJgUSmI9LjlK06FSqnx9AEHLV7LZA0s4JEoBoRSP0zOYcZ6KeJGbS/kDR53s8XMq0bt+thCv9AtR7L9dogyhC4nDFdqcjLTgx7A6cQ8sh8wmwhWEvBEZ8pT0cgY5x1RYM5ae3SQSK8a2NpXg/X7o0pECxe+YIYtt+Go4M+6PS3JZnqxL5bHUcAo1M73BNku0in724EwA+sosvblLnutDUBvP4naOHC/RN9c8QgkLCHIy1y5+NLWEanx4yTvbCZkZbhqLSCsX6Aoew4eF5ep6Y2BNiAo4cXtX4FQvgzBqFFu9Dgwp4iPs0cy9S9w3bL9ELWmukwH3DhjpByNQ8UEfR5UFsb9lRmjtBdAGVkdaJAQxah1WWitdqRZjAaAo6y6sRFLM8FcXqSuCjKXTs6VHWiLLhSLCWAFFRzMNpGqnunOBhk4uYpn1/XSVF5UA==,iv:HFOdMUDdmYFat6lW7YDJeCvBSn4HlxEBHyBQ4pYi2cs=,tag:w/Mf8KeiAUjky7zcR0E2mA==,type:str]' +targetKubeconfig: + certificate-authority-data: 'ENC[AES256_GCM,data:pS6RXSBAeCT5kKyphp3sP+R8ps+CXvzEk8uSmW4vzuehcWioa/a7f7tfjBJWJq9QwG5tS63j/ijHdNcFne8aco6tqQSShqsH6uW7t8CrodB7+2cbRsoZ0Nr2u4Dl8Xddp/YHsCQ5NUHmjzYEADUn2Rg2vYZS8xVxB3iwHqRSVkWCCJRxYJiAhmXyy0xaYX5od11Yucqu7Fv3PUPP/BVZpxVUmk5pLRueZi1Dhg7vlVy9IdV26NwCPCyvRVPldjWfWptWnRAEWusn7efVgpIZpOg7vC+MEuvgIDBVqo5kyuKEHBOgzdhkEj9X4tUyLxG6qxYJDiEbpqPZk75yr88UHIqt2jDjd4M59AEqqPMCPWlOYrlueSyUFRC3z7r3bZPWJKBEB/ln+g4MeC2DbkZ8uyw9M/vEMzFkPUm4OXJXdU1phieRfRuAqxNLktDDRsfSiZfqG/DXa2cYBGa3E+0AHhmhGf6XeSOesIW2bsTdS75Bq9k00N9HbMSUG3IfBilajlZ6cTdwqvQNsVU7R/lKhfIKT1RJdx88Kb8SDgJp9vEcqsDyMx+TzL1LGkXcUYo3Pe1dR2mQ15l2vTOaWBtitLzM8d0AEtfaVfl9LCcDn4uFwFQ1P1jYHB75ULSK3Ft1VT1GfLoT9+vogr8Tzrz7p3q+glHHrBthuWPPga8zcEON8rYk99B5EFAEf+SnPQwDMnQ49aE8W40pyYeEgJBy1x9/I4EhZIfsIGjz45VX6iiGl4QV607ced/mZ0f2fzNlWorxxTSeXhIijyu42V9vvM7tz9Xl94FevpWbNH96SIVLQ9Bdl/fR1ZH2osZFmv6g5rwqY40FOVOR0KF0fWgBF95qUPsfSXQ0jVMlitv2tn5ijdYigJORccQxluFIRv9MdRqKG5GLrhG+OP06Tvl9agvArgHBiraTyKySMv0oq0+holFoGLUpOsCg3KenOeRbUvadkDRYx852H/s6nU9vjbYn5zSUVLcpZG1UWQakVcIWqjkQWvDtqv5td8gzSRJ8RkqwuXT0LIO79JcrG4LO38+8Lr65whuiRAC/W74F2IcPuPS0GbpWVyovzkhG6NutuJ/3hh8NHF9s1wm3e/X3SCsZKJEbKTH+46gc3T+Oeqpwc7vn46wsyIn8ix45kEJlf359eTQALYjkY2qIZSf7qwdvlN6W1n5xnPDgoYLzY4ZIRwiQruiTebSDvPwcbl0q8rkYDLLA5yv30RKvBLlyMyfWiBc8zFUemygHIRR3LZ7bDEml4Ki4grpJmArDegczeKNgoVJfB2D+QxTHOLpgKVLugxUkBnFFonFynAgnrS7ANCN2V8iUV+DRBsbL3etwSozVFs3IWYxlmqrfCFQzL/Tw+e+9RbYdCO6+5zIZJH66ThJYXewGnjIQmIjXQWXQFQ6DeqHVUM9I5etmFmrePj2vCDYPVOJ1xBNzePhKKy/HxSyb89ljiybMOafrPsMNXZTqAU8csii21Yfbjly13oBavQtzms/KtQk4pmoRRsXsMmMPX9GZqpRf9QpLkJQFMnQPeno9aGNf/5Q2DwlfWxJaopAR98CLJFKnx70pDS4DKeUUXFC/jAxm+Z1FNJqAtGRARxFnzZcYIzoMaeZ6z+crD7o/ALukrnIqWtFDJh/CCGJ6kbPup9142TxCK0DbQTobPJoIx0dBw4s14Wau7p96gRSFXni32FnBKE8CfpQED9qZ2y6U2MKb+7qaI91PRs6LbGJswmum9n4bPKcOiL60+n6PRd8gSJPpJ20M8OYRZuu7znUwzLf+G6jumLG1Aqwvm3/eWU8o4ouA/MkatrisR32Hg/Og2dw/L6W3a3shqh9PLg7GcwhmhY87dFAvfwiEYYx2wG7Oowm+IOiNOnNUaL6Ax3xWpje8Czp/FCHXI1z8E/ZHHcuEkAHPZaid1x0sEE9n0s7GeaI+D9FLPWKQ2sdbaDZgm9UG/w==,iv:03fiX+pQv3sINBBiMVG0jlszcRzBuik0+YLVs5WrQM8=,tag:/n/xc2EHUDbcOuAxZhPV1Q==,type:str]' + client-certificate-data: 'ENC[AES256_GCM,data:lmhhxijI7HD/SZRVrQMYo8Ngo4V0DCXDOSxn63cVePeSf8j9QbBJiwnxeZvPx+BMuzu/bv3QtsE5rUo2yuq2HZv8Ju+z5IQPrv0wSYYq9WOpi2SDRnN9Mn0c99TlkxxyJ/rUJsr2i2PlVhuVnKPwNqg/IXp/SMJp2FFiws2eIs0CglClzns/IgzXTJXlrAbVZHhD3YPs8+1I1Kr8cDRTqV6eyzWQpc6evzcDN8AK78I8uFNrLJjCbgh7CnSsnjxYngeF6B/bAqAdyTBxMjeU+GIDIHYmNKn9UlIdeqYC1rZx4Q359gH5mtFuGONDxhml7ideeNry7yPp6PuNHi7Cz33gyFzY+uiKZAkuCS2hucIfSIUOPLYlp0wcfYAxVCAwUUuvan5gE3d1SRk5BjMlseA7UMIpPX5lyB+9tek+9AAYyy7TczCbXWWM7GFYdwTYAqWwGx10fjblwvIwpK++MsdNQZMCHvTUbq83uSyCSb3T7hR6YG/qGnWcwUmJYj4iqT86Atr9rC3CSFwW/0GhvJmlMqMyhPB+VPlYWxqqASIcm8mqLFG6aCeODRvH20kzcsM9FVzO87xJafkOEJBfWUyn6m1GN9V/5z4Y2y/4VjgpksoVT1sV7jimtECjXIp+NCNyNKFc9w7YzSZW9FuvBJgMqzqWxJzupiDP1WiHpa5FMCcL2+k/jBPEqjL0nInWdNAyIc2dtnVsV3wBfhNAd68sDA3ele1HRBPE3OsGDxM/a5mzUu2HFVXdw7+ptq7Gv7qxUxWFP2zw+3cHDIM2Vkg/mPP7p5NMME4DnUb1eyV918db7N4TNJMm8tU/dYfozXYMjq/GpH/ubCaFg7pGB0qLCtkgVuunakY3ARYlfsi2i21gJg1KnHxWJDGqmC1ICjhdWybBA5xo1jBL5nhxT/cxTIRSeFEAYDaN7QTSQjwSrAQNysyUe+gSq8KyrkFMZponlIE9FE3CVhYqqbd2TXOvi9a620Y+Oke0BJb0IUNuaMOfveLTp8SmmAtaxFN0mQjiD1XIAa2L4EYnSj0WOChNuVHrSntiGaJTIrXAA1gto8ysU3OTkAeuRvCZSm3iYiKl5Hs2mmVae/oDBoeyLDviuS1olCFxiVItrQh5VorvBQuytogQMHbMDKk25c2tn0+xYCyZgsnSMPvommIj+yBbKTT5Rbc52AX8L+I5OCQLj+8nYrSuGh0694lLCi1Txqd/YLfHJu+QwrGg00EQga5XMRToHxu0SLqo6H3BA4WnwXsdHNt0wQeQB8L6l7Mc9yC6L2Iv83fkbdOmNHxMVwYSlmEmiaapaE2BArc2eQu/Qcxy1d9/VSoscP2XKc612g2yNCaDQk+zQBcYOKlM+AYkiVwPDsPZ6SMePzIYS+U61rhdd2VX3Wdp5bfWSI9obobey6bv7ThYdrR0T9Q2SzGZTY4a45jSTLALRXf0a9onZemD0wNyQMDFZAr9g1LEIuYMP3wI3n3TaAPtbdhBXqy2qrnyyQewgr3B6b5c43pYgmtwhL0eqPWus9/ud+mlvn9mpA42/GDwdzdvbJh2U4mzZdNQAYiI0bDZ81e3BdZiGF6w5aIiCLX/vgIZF40UHKaEJ62bdT8z42Y3kQ5CDDsIQDTWJtSxKkvt/OFDqHmP9zv/9paxekUzZA9PyI46pJUt3gXebpbCIXY0t4JEWkVATbKODApohY2arCLU4uK4X7DMKHnE+N54xBXHX1cfw/vCw2xvlHnrgbqEkEgqgOuVIKIbQJtmdwFr1D5InndHMtPB8EmHXW/OgRRnzIJ/OY6YXTTVI/9f+SG4SZMkhBoCfOP1h3jUNAQWcvuuhUxt7/4JHVF83kVnmD0u/9E9ObTP/56mDcExANfQjLwsNycuyz3x1Zns54KSUSwZi6kUhc5HttypfLDB0iTZZbqHCIwQgqoAy1FzqCOILCd7h78gqgzDnXF2tqoW94klKAvOx+fFfdn62P60MTpM6Rxq3V6hdQ==,iv:XFuBTIQJT4ns6M00T3HWSGHdknjsRZ4cRZQXSsLiOkU=,tag:3flxFrWSyiuyiyxGkXTReQ==,type:str]' + client-key-data: 'ENC[AES256_GCM,data:vlksLx8mgfvfu5Lnkv5DJrEUrsnT4Huknol3zk8gbcbowbB8YmHyjTWLEJ1MsAMJ2S1Y58ztnYmo+fXEoK0QXkiLjuIz6wFLZGUFhVSRQC1zUecFZgv74qAigwFcQ+HwFmYdCynNB1BXlZHRLMXYkLm4iyAGgJZw4zq0aown/DE0CYEtRm6oid4eOf3bdW2JD2TbedgQWB0wTVdgESn3kzT6xzS3i/7xlXwTzgDNmqW6noTsE7LsaUt7XM1y5R1Mcx3hYl3YSi60KIlEe1azavTjtM79uSoJabjBQm1RtPbbkW/+furP0/jgXXEz8N0qHmvH9CCu1E2YJS67RDEY1+Wt2YvfPA/wbtuUwc/HptbwCLXDdAlfKkIVOp3TyJki9e9RIYLAkSO5ljoJbeYZlzdeo1atTMLFE95o7q/Khj2w0pdLrkzMwE870Umg8DqlsxDcaBFgzPAbdWHNzr3gGQ97Jfcqnx6hRO4019gUx020NtZWCVg3bHTJO2n5A3G4OeG8mY/CFTZ3Xw04ECGj9aWbeHKXCGnpfsw12UbGYDUkcaF5UYb/Q5Ly6j9d5kVSPIBUihTiqdos2MmWQ+QdUpPYr0eeSR+5+3R7ld2yTla09jEa/ObvEGYRR8rENR3QwVws7g8+M8Tr0JeFGGrrhx4Uefs5Vrs+hr3UfupbBjuYGFsAqbbjgh9jGl2JY9bfbbxHdB5+72PrB6Wdg1E+Z64RBUR9cSD+7E7KZRBSMfEWGQEHgjAmizbr7vo//Xb1hcbRGCZtYc9fgDq5DYpe2UtT8o7C56TSR82nA++/GlzxoJgE8OrfyOpyqdTu3nIZmOG7WLjA8D+UQXhoIUXiSIw2RaKpqBvdoST+oE6KKu1l15SXJN+vYSKtecw3mjMfEBwN+OxMUXgJHKVIM/+W/LKmdc+yYpJX1ePoPGEl+N8xF1s+lGb4Ml6GYZwN2Jn/ePd45IQedw0Aujn4Wnh3kVZ3mjRCB24wAEH+Znp0mshGBJ5AEK9b2z3oPlGw7Q1Ii+prK4mD7ssvm3XfqRvew9JIYvkrcbUx8XlG48FOeV325Uj13H+GTiVgB45rz1nJxeUlEr+u4zQaUAgIFl/4N+akADIHmV/NyOOUOdDFXx+dOch5KiMZWNk9GDf3fxC+qkATIAPn9zaZ+HMc48wGTBsMbvWkRfOCSiA74Hf181ICAxVeJYlItTAqkSKRFI1M033dyeHx4A+jRGAJFXyyKL+4DW3J8qW9C3sMdc8yv4gWO80fwL5o8TUyO4yrFu87H2wQwAeZPzvE6TPZAYdcWgzaPss8HTMfvJ8g0ufC8r21EuLQR9qlzPUxgOh1DHVe3DQ6+cOsNJKrVuaKfFt6/KAzOWN/16x7HhjxIqZdZYV2Ei0XfbQbDz91cuQ5vfsh4Q5oT15Mc/AyoNrqVfdAsA8370hBVDPe052vuPwLHwOz87oR4FfP9pl3ynUGRhl+KDjHCpYg1+TYIBVEsPNzFBtDT5v4OWQh1gvou+gqdvb2W/RyM9lyEv44t7KqGAfgMPxNt2FuGgOTWY2drveVSi6K9qxgSqzFh82CxxyUkNOwSjajnr1Ssx1UTTMt+11FeeQIsMEKnokAIJTV78w1ZF/MwXDuqUGc/faunsNi+i/zIiAaJPz/F8Aa2hza65AbuQxnQqytEpTPV/DKXB+XgHiC02N3M8mE7qlF/zD3JWBt/IMThCaNT2p+c8Bckj5ce/9ESyXsNyh70A3Iw/f1Xep0tUVrQoKMmBU0EOFFHZqyBHsjpU3/IAWV9QAG/ysR6iBzHEbRIuhP1t/0IOKmZ7FeIQYGI0bBfyP1TumgSQNMCXCiUirPZEINYV2uRZHhA9SXx0MOo9EXgFNDRrW73RAj450nOCkY5iEwS9LXtswApNQiLXsvkbZ8eP7rwsvCaMfB5QtJ09eQaRjnz1pjiB+cXcweFwKT96qGFcfHzYiQCG7KIrGNckr2w+EZWLq6ivy1l5jwngKjMFfqJ/w1aI/qumWhYMOXirYf3HvGXaSSO7SWfpTYgSA0p9m99FKyCJeImew8Ef/QZKo6Tc+9zYRKuXeSlb+mdnXnPx0QOHoICGa2Fs4/OgtWAtWPb8H1PsvBtp05DctfOgrhm8g5XwOpqrr3NmR+dSjSxQVr49lBsB3pxRkffMB71pl8vzIYzlV6RDNMkPnFFge24wL776M25hyXqArtPU/pORBDaFhuD2RFI5unI+iOlqOwNGkf2Ta2MQ0QLiD1iaPy8wCIfViPc79E3cDC4JkP+TauS5dq9OjHTQz3aUaE4pnrM1DOTUld/YDjk3rXFdxTQ80I6AdVCWZGED6JrMjf6Kgww5Ygw1Q8pznoBBKy08nFW9BNTvRozYjYMH56Zk0zxFiw7iYEfYTXLYHA8uJTduDZh45wZYUd3WoMobNi5h+VjCOBoVhFAGdz+aUVvl080dtN4dOOvBcYUhJoBALmsWn6ODyyBnxEGuY+2Gul1jkDMs40ciI3BIq4Rtx9I8JdHhRrXcPDJW8WqkuevUxZYUawE8QC6e+ZqoPNwTk77yPsHloOuxRFcKAvwymQAR828nynFKnfA1zk8AEjVTyzTq3km/QLdKTh1j9EeKH2HZHkjTrCI/sS1MLfYelwAAwhg+h2sY6o9J94GPydYV6lGMvEINjuWRi03yeoIsUVbq+YWckj7wup2mlyntgtPb8RXb/i9IFbM8gjp7vPqn8qFUALT/P0dsQ/Tx8ObFdn6KLVEJikH8f/ZjdOi/k/a0xNtyxLtvJAWX6gMkSASt/oZQ8g+WjrholxNxZKbcJvOtSbaZjJ7MvOpjwx8GLWc6lH6n5sKAvd0Yo3jd5k1te+MJybWrMbLcwPUY+uUUWkY8OkGpq3nXliy9R4cpxsMs0VJ+9Z4dF8B7vpwLS2gfPqbCKxaCAs/u1KQcUuLOGBQQ4mjLTWvbPpVDSH4wQzWvucbWS8c42yD6RsAjJ63+7ngQ==,iv:k5QGyZdIRwKnMuVqG1qzu4iyaLD1HxvryjV+m4H7N8E=,tag:GDCtPo3HUjHUQvpV7dBS1w==,type:str]' +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + lastmodified: '2021-02-04T01:31:55Z' + mac: 'ENC[AES256_GCM,data:2WFdA51KkN7/cM90p61XTPUjykAXqTYuM1mrGbh91GxRLVL0fBNGljCb5PCPY/Ir3xnP7VFQN6LtBwmLFdj+7spj4Y40srQBU4A2e8j9GzuhW14jtvy2de+2v2wG2BZVllyaWKbu4+Mzav17eK9mscawPUCefed8InxXiF3yV1c=,iv:XbAJ3aHV3kgo6MLGTYkBzWIGp199l1B5siXMiFBXlUs=,tag:Q/cz3bQ87/TwAAsikORuNQ==,type:str]' + pgp: + - created_at: '2021-02-04T01:31:55Z' + enc: | + -----BEGIN PGP MESSAGE----- + + hQEMAyUpShfNkFB/AQf8CFwdvykoBIMfsOO9bSuz8Cx+IFhJGwPPEsSId+q/EFdz + tCop9SpR86AB+4T+MtC46uH1+gcV3Ko/dlXP++49BQ0zWpzgfDxsnnuudZyNX19D + SFmlEHKBniKavLR7P3Qg8GJMpREVkjQTRgSnZdwttWXCmFGtnuhBKajautlqK7Am + 4J7iLGIiY1ynmig8JCJZ79CaSbyh8+/jmvjrx/17mR59HYUizH0P7FbPwAwDpoy1 + lFh//AJKJ65Y51ar/hYC+ljdgE91UNiF3zsSETI+Lp0r5y7XG/tKeV+tqQGUdhvn + L9m9eqrvAw05TD/o2DKZSoSeRKLcMlqNwxYko9YO9NJeAfc3RbCWltgTii49+srf + mwyCuz/BQwz5rRY6VP+QLYkDGmzEjekrJGqWZQP/BU44TihL06mv/mxY3xConG24 + Fy5Mi9UmNwsJMWBIlPEREantjbVnboiS0Q0DN0OAIw== + =+R0I + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_regex: ^(kind|apiVersion|group|metadata)$ + version: 3.6.1 diff --git a/manifests/site/virtual-network-cloud/target/generator/results/kustomization.yaml b/manifests/site/virtual-network-cloud/target/generator/results/kustomization.yaml new file mode 100644 index 000000000..1ec2d51e7 --- /dev/null +++ b/manifests/site/virtual-network-cloud/target/generator/results/kustomization.yaml @@ -0,0 +1,5 @@ +resources: + - generated/secrets.yaml + +transformers: + - decrypt-secrets diff --git a/manifests/site/virtual-network-cloud/target/generator/secret-template.yaml b/manifests/site/virtual-network-cloud/target/generator/secret-template.yaml new file mode 100644 index 000000000..53f0f2832 --- /dev/null +++ b/manifests/site/virtual-network-cloud/target/generator/secret-template.yaml @@ -0,0 +1,19 @@ +apiVersion: airshipit.org/v1alpha1 +kind: Templater +metadata: + name: secret-template + annotations: + config.kubernetes.io/function: | + container: + image: quay.io/airshipit/templater:latest +values: +template: | + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + labels: + airshipit.org/deploy-k8s: "false" + name: password-secret + annotations: + config.kubernetes.io/path: secrets.yaml + passwordRandom1: {{ derivePassword 1 "long" (randAscii 10) "user" "example.com" }} diff --git a/manifests/site/virtual-network-cloud/target/initinfra-networking/kustomization.yaml b/manifests/site/virtual-network-cloud/target/initinfra-networking/kustomization.yaml new file mode 100644 index 000000000..411ba4f89 --- /dev/null +++ b/manifests/site/virtual-network-cloud/target/initinfra-networking/kustomization.yaml @@ -0,0 +1,2 @@ +resources: + - ../../../../type/airship-core/target/initinfra-networking diff --git a/manifests/site/virtual-network-cloud/target/initinfra/kustomization.yaml b/manifests/site/virtual-network-cloud/target/initinfra/kustomization.yaml new file mode 100644 index 000000000..6d5e30e36 --- /dev/null +++ b/manifests/site/virtual-network-cloud/target/initinfra/kustomization.yaml @@ -0,0 +1,8 @@ +resources: + - ../../../../type/airship-core/target/initinfra + - ../../../../function/hostconfig-operator + - ../catalogues +transformers: + - ../../../../type/airship-core/target/initinfra/replacements + - ../../../../../../airshipctl/manifests/function/flux/source-controller/replacements + - ../../../../../../airshipctl/manifests/function/flux/helm-controller/replacements diff --git a/manifests/site/virtual-network-cloud/target/workers/hostgenerator/host-generation.yaml b/manifests/site/virtual-network-cloud/target/workers/hostgenerator/host-generation.yaml new file mode 100644 index 000000000..e197b455c --- /dev/null +++ b/manifests/site/virtual-network-cloud/target/workers/hostgenerator/host-generation.yaml @@ -0,0 +1,10 @@ +# Site-level, phase-specific lists of hosts to generate +# This is used by the hostgenerator-m3 function to narrow down the site-level +# host-catalogue to just the hosts needed for a particular phase. +apiVersion: airshipit.org/v1alpha1 +kind: VariableCatalogue +metadata: + name: host-generation-catalogue +hosts: + m3: + - node03 diff --git a/manifests/site/virtual-network-cloud/target/workers/hostgenerator/kustomization.yaml b/manifests/site/virtual-network-cloud/target/workers/hostgenerator/kustomization.yaml new file mode 100644 index 000000000..687f9fba4 --- /dev/null +++ b/manifests/site/virtual-network-cloud/target/workers/hostgenerator/kustomization.yaml @@ -0,0 +1,12 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ../../../../../../../airshipctl/manifests/function/hostgenerator-m3 + - ../../catalogues/ + - host-generation.yaml + +transformers: + - ../../../../../../../airshipctl/manifests/function/hostgenerator-m3/replacements + - ../../../../../../../airshipctl/manifests/function/hostgenerator-m3/cleanup + - ../../catalogues/cleanup + diff --git a/manifests/site/virtual-network-cloud/target/workers/hostgenerator/patch-delete-catalogues.yaml b/manifests/site/virtual-network-cloud/target/workers/hostgenerator/patch-delete-catalogues.yaml new file mode 100644 index 000000000..561cbc571 --- /dev/null +++ b/manifests/site/virtual-network-cloud/target/workers/hostgenerator/patch-delete-catalogues.yaml @@ -0,0 +1,35 @@ +apiVersion: builtin +kind: PatchStrategicMergeTransformer +metadata: + name: smp +patches: |- + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: host-catalogue + $patch: delete + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: host-generation-catalogue + $patch: delete + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: networking + $patch: delete + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: env-vars-catalogue + $patch: delete + --- + apiVersion: airshipit.org/v1alpha1 + kind: VariableCatalogue + metadata: + name: versions-airshipctl + $patch: delete diff --git a/manifests/site/virtual-network-cloud/target/workers/kustomization.yaml b/manifests/site/virtual-network-cloud/target/workers/kustomization.yaml new file mode 100644 index 000000000..e168397b1 --- /dev/null +++ b/manifests/site/virtual-network-cloud/target/workers/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - nodes diff --git a/manifests/site/virtual-network-cloud/target/workers/nodes/kustomization.yaml b/manifests/site/virtual-network-cloud/target/workers/nodes/kustomization.yaml new file mode 100644 index 000000000..512dc07c8 --- /dev/null +++ b/manifests/site/virtual-network-cloud/target/workers/nodes/kustomization.yaml @@ -0,0 +1,8 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +generators: + - ../hostgenerator + +commonLabels: + airshipit.org/k8s-role: controlplane-host diff --git a/manifests/site/test-site/target/workers/kubeadmconfigtemplate.yaml b/manifests/site/virtual-network-cloud/target/workers/provision/kubeadmconfigtemplate.yaml similarity index 76% rename from manifests/site/test-site/target/workers/kubeadmconfigtemplate.yaml rename to manifests/site/virtual-network-cloud/target/workers/provision/kubeadmconfigtemplate.yaml index 4bd8d4b8d..20b070236 100644 --- a/manifests/site/test-site/target/workers/kubeadmconfigtemplate.yaml +++ b/manifests/site/virtual-network-cloud/target/workers/provision/kubeadmconfigtemplate.yaml @@ -27,6 +27,20 @@ spec: net.bridge.bridge-nf-call-iptables = 1 EOF - sysctl --system + - | + mkdir -p /etc/systemd/system/docker.service.d/ + cat <