local PROJECT_NAME="${3:-"${MGMT_PROJECT_NAME}"}"
local FLEET_REPO_DIR="${4:-"${FLEET_REPO_DIR}"}"
local MGMT_RESOURCES_DIR="${5:-"${MGMT_RESOURCES_DIR}"}"
+
local NODEGROUP_DIR="${MGMT_RESOURCES_DIR}/${CLUSTER_NAME}/${NODEGROUP_KUSTOMIZATION_NAME}"
+
# Delete node Kustomizations
rm -rf "${NODEGROUP_DIR}"
}
local SW_CATALOGS_REPO_URL="$3"
local PROJECT_NAME="${4:-"${MGMT_PROJECT_NAME}"}"
local SW_CATALOGS_REPO_DIR="${5:-"${SW_CATALOGS_REPO_DIR}"}"
- # Path for the source templates
- local TEMPLATES="${6:-"${SW_CATALOGS_REPO_DIR}/cloud-resources/flux-remote-bootstrap/cluster-base/templates"}"
-
+
# Optional inputs:
# Paths for each profile in the Git repo
- local INFRA_CONTROLLERS_PATH="${7:-"${PROJECT_NAME}/infra-controller-profiles/${CLUSTER_KUSTOMIZATION_NAME}"}"
- local INFRA_CONFIGS_PATH="${8:-"${PROJECT_NAME}/infra-config-profiles/${CLUSTER_KUSTOMIZATION_NAME}"}"
- local MANAGED_RESOURCES_PATH="${9:-"${PROJECT_NAME}/managed-resources/${CLUSTER_KUSTOMIZATION_NAME}"}"
- local APPS_PATH="${10:-"${PROJECT_NAME}/app-profiles/${CLUSTER_KUSTOMIZATION_NAME}"}"
+ local INFRA_CONTROLLERS_PATH="${6:-"${PROJECT_NAME}/infra-controller-profiles/${CLUSTER_KUSTOMIZATION_NAME}"}"
+ local INFRA_CONFIGS_PATH="${7:-"${PROJECT_NAME}/infra-config-profiles/${CLUSTER_KUSTOMIZATION_NAME}"}"
+ local MANAGED_RESOURCES_PATH="${8:-"${PROJECT_NAME}/managed-resources/${CLUSTER_KUSTOMIZATION_NAME}"}"
+ local APPS_PATH="${9:-"${PROJECT_NAME}/app-profiles/${CLUSTER_KUSTOMIZATION_NAME}"}"
+
+ # Path for the source templates
+ local TEMPLATES="${SW_CATALOGS_REPO_DIR}/cloud-resources/flux-remote-bootstrap/cluster-base/templates"
# Generate
export CLUSTER_KUSTOMIZATION_NAME
local CLUSTER_KUSTOMIZATION_NAME="${2:-$(safe_name ${CLUSTER_NAME})}"
local CLUSTER_AGE_SECRET_NAME="${3:-$(safe_name "sops-age-${CLUSTER_KUSTOMIZATION_NAME}")}"
local SW_CATALOGS_REPO_DIR="${4:-"${SW_CATALOGS_REPO_DIR}"}"
- local BOOTSTRAP_KUSTOMIZATION_NAMESPACE="${5:-"managed-resources"}"
- local CLUSTER_KUSTOMIZATION_NAMESPACE="${6:-"managed-resources"}"
- local BOOTSTRAP_SECRET_NAMESPACE="${7:-"managed-resources"}"
# Paths and names for the templates
- local MANIFEST_FILENAME="${7:-"cluster-bootstrap-${CLUSTER_KUSTOMIZATION_NAME}.yaml"}"
- local TEMPLATES="${8:-"${SW_CATALOGS_REPO_DIR}/cloud-resources/flux-remote-bootstrap/bootstrap/templates"}"
- local TEMPLATE_MANIFEST_FILENAME="${9:-"remote-cluster-bootstrap.yaml"}"
-
- # Variables for kubeconfig secret configuration
- local CLUSTER_KUBECONFIG_SECRET_KEY=${CLUSTER_KUBECONFIG_SECRET_KEY:-"kubeconfig"}
- local CLUSTER_KUBECONFIG_SECRET_NAME=${CLUSTER_KUBECONFIG_SECRET_NAME:-"kubeconfig-${CLUSTER_KUSTOMIZATION_NAME}"}
+ local MANIFEST_FILENAME="${5:-"cluster-bootstrap-${CLUSTER_KUSTOMIZATION_NAME}.yaml"}"
+ local TEMPLATES="${6:-"${SW_CATALOGS_REPO_DIR}/cloud-resources/flux-remote-bootstrap/bootstrap/templates"}"
+ local TEMPLATE_MANIFEST_FILENAME="${7:-"remote-cluster-bootstrap.yaml"}"
# Generate manifests
export CLUSTER_KUSTOMIZATION_NAME
export CLUSTER_NAME
export CLUSTER_AGE_SECRET_NAME
- export CLUSTER_KUBECONFIG_SECRET_KEY
- export CLUSTER_KUBECONFIG_SECRET_NAME
- export BOOTSTRAP_KUSTOMIZATION_NAMESPACE
- export CLUSTER_KUSTOMIZATION_NAMESPACE
- export BOOTSTRAP_SECRET_NAMESPACE
join_lists \
<(cat) \
"${TEMPLATE_MANIFEST_FILENAME}" \
"${MANIFEST_FILENAME}" | \
replace_env_vars \
- '${CLUSTER_KUSTOMIZATION_NAME},${CLUSTER_NAME},${CLUSTER_AGE_SECRET_NAME},${CLUSTER_KUBECONFIG_SECRET_KEY},${CLUSTER_KUBECONFIG_SECRET_NAME},${CLUSTER_KUSTOMIZATION_NAMESPACE},${BOOTSTRAP_KUSTOMIZATION_NAMESPACE},${BOOTSTRAP_SECRET_NAMESPACE}'
+ '${CLUSTER_KUSTOMIZATION_NAME},${CLUSTER_NAME},${CLUSTER_AGE_SECRET_NAME}'
)
}
local PUBLIC_KEY_NEW_CLUSTER="$9"
local PRIVATE_KEY_NEW_CLUSTER="${10:-${PRIVATE_KEY_NEW_CLUSTER}}"
local IMPORTED_CLUSTER="${11:-"false"}"
- local MGMT_CLUSTER_NAME="${12:-"_management"}"
- local CLUSTER_KUBECONFIG_SECRET_NAME=${13:-"kubeconfig-${CLUSTER_KUSTOMIZATION_NAME}"}
- local CLUSTER_KUBECONFIG_SECRET_KEY=${14:-"kubeconfig"}
- local TEMPLATES_DIR="${15:-"${SW_CATALOGS_REPO_DIR}/cloud-resources/flux-remote-bootstrap/cluster-base/templates"}"
- local BOOTSTRAP_KUSTOMIZATION_NAMESPACE="${16:-"managed-resources"}"
- local CLUSTER_KUSTOMIZATION_NAMESPACE="${17:-"managed-resources"}"
- local BOOTSTRAP_SECRET_NAMESPACE="${18:-"${BOOTSTRAP_KUSTOMIZATION_NAMESPACE}"}"
+
# Calculates the folder where managed resources are defined
- local MGMT_RESOURCES_DIR="${FLEET_REPO_DIR}/${MGMT_PROJECT_NAME}/managed-resources/${MGMT_CLUSTER_NAME}"
+ local MGMT_RESOURCES_DIR="${FLEET_REPO_DIR}/${MGMT_PROJECT_NAME}/managed-resources/_management"
# Create profile folders
echo "" | \
"${FLEET_REPO_URL}" \
"${SW_CATALOGS_REPO_URL}" \
"${MGMT_PROJECT_NAME}" \
- "${SW_CATALOGS_REPO_DIR}" \
- "${TEMPLATES_DIR}" | \
+ "${SW_CATALOGS_REPO_DIR}" | \
list2folder_cp_over \
"${CLUSTER_FOLDER}"
"${CLUSTER_NAME}" \
"${CLUSTER_KUSTOMIZATION_NAME}" \
"${CLUSTER_AGE_SECRET_NAME}" \
- "${SW_CATALOGS_REPO_DIR}" \
- "${BOOTSTRAP_KUSTOMIZATION_NAMESPACE}" \
- "${CLUSTER_KUSTOMIZATION_NAMESPACE}" \
- "${BOOTSTRAP_SECRET_NAMESPACE}" | \
+ "${SW_CATALOGS_REPO_DIR}" | \
generator_k8s_age_secret_new_cluster \
"${PRIVATE_KEY_NEW_CLUSTER}" \
"${PUBLIC_KEY_MGMT}" \
- "${CLUSTER_AGE_SECRET_NAME}" \
- "${BOOTSTRAP_SECRET_NAMESPACE}" | \
+ "${CLUSTER_AGE_SECRET_NAME}" | \
prepend_folder_path "${CLUSTER_KUSTOMIZATION_NAME}/" | \
list2folder_cp_over \
"${MGMT_RESOURCES_DIR}"
local PROJECT_NAME="${2:-"${MGMT_PROJECT_NAME}"}"
local FLEET_REPO_DIR="${3:-"${FLEET_REPO_DIR}"}"
local MGMT_RESOURCES_DIR="${4:-"${MGMT_RESOURCES_DIR}"}"
- local MGMT_CLUSTER_DIR="${5:-"${MGMT_CLUSTER_DIR}"}"
# Optional inputs: Paths for each profile in the Git repo
- local INFRA_CONTROLLERS_DIR="${6:-"${FLEET_REPO_DIR}/${PROJECT_NAME}/infra-controller-profiles/${CLUSTER_KUSTOMIZATION_NAME}"}"
- local INFRA_CONFIGS_DIR="${7:-"${FLEET_REPO_DIR}/${PROJECT_NAME}/infra-config-profiles/${CLUSTER_KUSTOMIZATION_NAME}"}"
- local MANAGED_RESOURCES_DIR="${8:-"${FLEET_REPO_DIR}/${PROJECT_NAME}/managed-resources/${CLUSTER_KUSTOMIZATION_NAME}"}"
- local MGMT_CLUSTER_DIR="${9:-"${FLEET_REPO_DIR}/${PROJECT_NAME}/managed-resources/${MGMT_CLUSTER_DIR}"}"
- local APPS_DIR="${10:-"${FLEET_REPO_DIR}/${PROJECT_NAME}/app-profiles/${CLUSTER_KUSTOMIZATION_NAME}"}"
- local CLUSTER_DIR="${11:-"${FLEET_REPO_DIR}/clusters/${CLUSTER_KUSTOMIZATION_NAME}"}"
+ local INFRA_CONTROLLERS_DIR="${5:-"${FLEET_REPO_DIR}/${PROJECT_NAME}/infra-controller-profiles/${CLUSTER_KUSTOMIZATION_NAME}"}"
+ local INFRA_CONFIGS_DIR="${6:-"${FLEET_REPO_DIR}/${PROJECT_NAME}/infra-config-profiles/${CLUSTER_KUSTOMIZATION_NAME}"}"
+ local MANAGED_RESOURCES_DIR="${7:-"${FLEET_REPO_DIR}/${PROJECT_NAME}/managed-resources/${CLUSTER_KUSTOMIZATION_NAME}"}"
+ local APPS_DIR="${8:-"${FLEET_REPO_DIR}/${PROJECT_NAME}/app-profiles/${CLUSTER_KUSTOMIZATION_NAME}"}"
+ local CLUSTER_DIR="${9:-"${FLEET_REPO_DIR}/clusters/${CLUSTER_KUSTOMIZATION_NAME}"}"
# Optional input: Do I need a purge operation first?
- local PURGE="${12:-"false"}"
+ local PURGE="${10:-"false"}"
# Perform the purge if needed
if [[ "${PURGE,,}" == "true" ]]; then
echo "Purging the remote Flux instalation..."
+ flux uninstall -s --namespace=flux-system
fi
echo "Deleting cluster profiles and (when applicable) its cloud resources..."
rm -rf "${INFRA_CONTROLLERS_DIR}"
rm -rf "${INFRA_CONFIGS_DIR}"
rm -rf "${MANAGED_RESOURCES_DIR}"
- rm -rf "${MGMT_CLUSTER_DIR}"
rm -rf "${APPS_DIR}"
# Delete base cluster Kustomizations
local TEMPLATE_MANIFEST_FILENAME="${22:-"${CLUSTER_TYPE,,}01.yaml"}"
local MANIFEST_FILENAME="${23:-"${CLUSTER_TYPE,,}-${CLUSTER_NAME}.yaml"}"
-
# Is the provider type supported?
local VALID_PROVIDERS=("eks" "aks" "gke")
CLUSTER_TYPE="${CLUSTER_TYPE,,}"
"${MANIFEST_FILENAME}"
}
+
# Create remote CAPI cluster for Openstack
function create_capi_openstack_cluster() {
local CLUSTER_KUSTOMIZATION_NAME="${1}"
prepend_folder_path "${CLUSTER_KUSTOMIZATION_NAME}/" | \
list2folder_cp_over \
"${TARGET_FOLDER}"
-
+
# Bootstrap (unless asked to skip)
if [[ "${SKIP_BOOTSTRAP,,}" == "true" ]]; then
return 0
fi
-
+
create_bootstrap_for_remote_cluster \
"${CLUSTER_NAME}" \
"${CLUSTER_KUSTOMIZATION_NAME}" \
local MGMT_CLUSTER_NAME="${24:-"_management"}"
local BASE_TEMPLATES_PATH="${25:-"cloud-resources/capi"}"
local NAMESPACE="${26:-"managed-resources"}"
-
+
# Determine key folders in Fleet
local MGMT_RESOURCES_DIR="${FLEET_REPO_DIR}/${MGMT_PROJECT_NAME}/managed-resources/${MGMT_CLUSTER_NAME}"
# Updating no new cluster
local SKIP_BOOTSTRAP="true"
-
+
create_capi_openstack_cluster \
"${CLUSTER_KUSTOMIZATION_NAME}" \
"${CLUSTER_NAME}" \
local BASE_TEMPLATES_PATH="${25:-"cloud-resources"}"
local TEMPLATE_MANIFEST_FILENAME="${26:-"openshift01.yaml"}"
local MANIFEST_FILENAME="${27:-"openshift-${CLUSTER_NAME}.yaml"}"
-
+
local TEMPLATES_DIR="${SW_CATALOGS_REPO_DIR}/cloud-resources/openshift/templates"
local TARGET_FOLDER="${FLEET_REPO_DIR}/${MGMT_PROJECT_NAME}/managed-resources/${MGMT_CLUSTER_NAME}"
local SKIP_BOOTSTRAP="${23:-"false"}"
# Only change if absolutely needeed
local MGMT_PROJECT_NAME="${24:-"osm_admin"}"
-
+
# Determine key folders in Fleet
local MGMT_RESOURCES_DIR="${FLEET_REPO_DIR}/${MGMT_PROJECT_NAME}/managed-resources/${MGMT_CLUSTER_NAME}"
"${MGMT_PROJECT_NAME}"
}
+
# ----- Helper functions for adding/removing a profile from a cluster -----
# Helper function to find profiles of a given type already used in the cluster
local OSM_PROJECT_NAME="${12:-"osm_admin"}"
local MGMT_CLUSTER_NAME="${13:-"_management"}"
-
# Is the provider type supported?
local VALID_PROVIDERS=("aws" "azure" "gcp")
PROVIDER_TYPE="${PROVIDER_TYPE,,}"
local OSM_PROJECT_NAME="${4:-"osm_admin"}"
local MGMT_CLUSTER_NAME="${5:-"_management"}"
-
# Is the provider type supported?
local VALID_PROVIDERS=("aws" "azure" "gcp")
PROVIDER_TYPE="${PROVIDER_TYPE,,}"
local OSM_PROJECT_NAME="${12:-"osm_admin"}"
local MGMT_CLUSTER_NAME="${13:-"_management"}"
-
# Is the provider type supported?
local VALID_PROVIDERS=("aws" "azure" "gcp")
PROVIDER_TYPE="${PROVIDER_TYPE,,}"
local CLOUD_CREDENTIALS_CLOUDS_KEY="clouds.yaml"
local CLOUD_CREDENTIALS_CACERT_KEY="cacert"
local CLOUD_CREDENTIALS_FILENAME="credentials-secret.yaml"
-
+
local CLOUD_CREDENTIALS_TOML_SECRET_NAME="${OPENSTACK_CLOUD_NAME}-capo-config-toml"
local CLOUD_CREDENTIALS_TOML_FILENAME="credentials-toml-secret.yaml"
delete_capi_openstack_cloudconf \
"${CLOUD_CONFIG_NAME}" \
"${CONFIG_DIR}"
-
+
create_capi_openstack_cloudconf \
"${CLOUD_CONFIG_NAME}" \
"${PUBLIC_KEY}" \
local CONFIG_DIR="${2:-"${MGMT_ADDON_CONFIG_DIR}"}"
local TARGET_FOLDER="${CONFIG_DIR}/capi-providerconfigs/capo/${OPENSTACK_CLOUD_NAME}-config"
-
+
# Delete the encrypted secrets files.
rm -rf "${TARGET_FOLDER}"
}
+
# Helper function to return the relative path of a location in SW Catalogs for an OKA
function path_to_catalog() {
local OKA_TYPE="$1"
kind: Kustomization
metadata:
name: ${CLUSTER_KUSTOMIZATION_NAME}-bstrp-ns
- namespace: ${BOOTSTRAP_KUSTOMIZATION_NAMESPACE}
+ namespace: managed-resources
labels:
cluster: ${CLUSTER_KUSTOMIZATION_NAME}
spec:
timeout: 5m
dependsOn:
- name: ${CLUSTER_KUSTOMIZATION_NAME}
- namespace: ${CLUSTER_KUSTOMIZATION_NAMESPACE}
prune: true
# wait: true
# force: true
path: ./cloud-resources/flux-remote-bootstrap/bootstrap/manifests/namespaces
kubeConfig:
secretRef:
- name: ${CLUSTER_KUBECONFIG_SECRET_NAME}
- key: ${CLUSTER_KUBECONFIG_SECRET_KEY}
+ name: kubeconfig-${CLUSTER_KUSTOMIZATION_NAME}
+ key: kubeconfig
---
# Creates remote `flux-system.flux-system` secret
kind: Kustomization
metadata:
name: ${CLUSTER_KUSTOMIZATION_NAME}-bstrp-secret-flux
- namespace: ${BOOTSTRAP_KUSTOMIZATION_NAMESPACE}
+ namespace: managed-resources
labels:
cluster: ${CLUSTER_KUSTOMIZATION_NAME}
spec:
path: ./cloud-resources/flux-remote-bootstrap/bootstrap/manifests/secret
kubeConfig:
secretRef:
- name: ${CLUSTER_KUBECONFIG_SECRET_NAME}
- key: ${CLUSTER_KUBECONFIG_SECRET_KEY}
+ name: kubeconfig-${CLUSTER_KUSTOMIZATION_NAME}
+ key: kubeconfig
patches:
- patch: |-
apiVersion: v1
- kind: Secret
name: flux-system
----
-# Creates remote `flux-system.managed-resources` secret
-apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
-kind: Kustomization
-metadata:
- name: ${CLUSTER_KUSTOMIZATION_NAME}-bstrp-secret-managedresources-flux
- namespace: ${BOOTSTRAP_KUSTOMIZATION_NAMESPACE}
- labels:
- cluster: ${CLUSTER_KUSTOMIZATION_NAME}
-spec:
- # interval: 1h
- interval: 5m
- retryInterval: 1m
- timeout: 5m
- dependsOn:
- - name: ${CLUSTER_KUSTOMIZATION_NAME}-bstrp-ns
- prune: true
- # wait: true
- force: true
- sourceRef:
- kind: GitRepository
- name: sw-catalogs
- namespace: flux-system
- path: ./cloud-resources/flux-remote-bootstrap/bootstrap/manifests/secret
- kubeConfig:
- secretRef:
- name: ${CLUSTER_KUBECONFIG_SECRET_NAME}
- key: ${CLUSTER_KUBECONFIG_SECRET_KEY}
- patches:
- - patch: |-
- apiVersion: v1
- kind: Secret
- metadata:
- name: ${secret_name}
- namespace: ${secret_namespace}
- stringData:
- username: ${username}
- password: ${password}
- # Inputs:
- postBuild:
- substitute:
- secret_name: flux-system
- secret_namespace: ${BOOTSTRAP_SECRET_NAMESPACE}
- substituteFrom:
- - kind: Secret
- name: flux-system
-
---
# Creates remote `sops-age` secret
apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
kind: Kustomization
metadata:
name: ${CLUSTER_KUSTOMIZATION_NAME}-bstrp-secret-sops
- namespace: ${BOOTSTRAP_KUSTOMIZATION_NAMESPACE}
+ namespace: managed-resources
labels:
cluster: ${CLUSTER_KUSTOMIZATION_NAME}
spec:
path: ./cloud-resources/flux-remote-bootstrap/bootstrap/manifests/secret
kubeConfig:
secretRef:
- name: ${CLUSTER_KUBECONFIG_SECRET_NAME}
- key: ${CLUSTER_KUBECONFIG_SECRET_KEY}
+ name: kubeconfig-${CLUSTER_KUSTOMIZATION_NAME}
+ key: kubeconfig
patches:
- patch: |-
apiVersion: v1
kind: Kustomization
metadata:
name: ${CLUSTER_KUSTOMIZATION_NAME}-bstrp-secret-fleet
- namespace: ${BOOTSTRAP_KUSTOMIZATION_NAMESPACE}
+ namespace: managed-resources
labels:
cluster: ${CLUSTER_KUSTOMIZATION_NAME}
spec:
path: ./cloud-resources/flux-remote-bootstrap/bootstrap/manifests/secret
kubeConfig:
secretRef:
- name: ${CLUSTER_KUBECONFIG_SECRET_NAME}
- key: ${CLUSTER_KUBECONFIG_SECRET_KEY}
+ name: kubeconfig-${CLUSTER_KUSTOMIZATION_NAME}
+ key: kubeconfig
patches:
- patch: |-
apiVersion: v1
- kind: Secret
name: fleet-repo
----
-# Creates remote `fleet-repo.managed-resources` secret
-apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
-kind: Kustomization
-metadata:
- name: ${CLUSTER_KUSTOMIZATION_NAME}-bstrp-secret-managedresources-fleet
- namespace: ${BOOTSTRAP_KUSTOMIZATION_NAMESPACE}
- labels:
- cluster: ${CLUSTER_KUSTOMIZATION_NAME}
-spec:
- # interval: 1h
- interval: 5m
- retryInterval: 1m
- timeout: 5m
- dependsOn:
- - name: ${CLUSTER_KUSTOMIZATION_NAME}-bstrp-ns
- prune: true
- # wait: true
- force: true
- sourceRef:
- kind: GitRepository
- name: sw-catalogs
- namespace: flux-system
- path: ./cloud-resources/flux-remote-bootstrap/bootstrap/manifests/secret
- kubeConfig:
- secretRef:
- name: ${CLUSTER_KUBECONFIG_SECRET_NAME}
- key: ${CLUSTER_KUBECONFIG_SECRET_KEY}
- patches:
- - patch: |-
- apiVersion: v1
- kind: Secret
- metadata:
- name: ${secret_name}
- namespace: ${secret_namespace}
- stringData:
- username: ${username}
- password: ${password}
- # Inputs:
- postBuild:
- substitute:
- secret_name: fleet-repo
- secret_namespace: ${BOOTSTRAP_SECRET_NAMESPACE}
- substituteFrom:
- - kind: Secret
- name: fleet-repo
-
---
# Creates remote `sw-catalogs.flux-system` secret
apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
kind: Kustomization
metadata:
name: ${CLUSTER_KUSTOMIZATION_NAME}-bstrp-secret-catalogs
- namespace: ${BOOTSTRAP_KUSTOMIZATION_NAMESPACE}
+ namespace: managed-resources
labels:
cluster: ${CLUSTER_KUSTOMIZATION_NAME}
spec:
path: ./cloud-resources/flux-remote-bootstrap/bootstrap/manifests/secret
kubeConfig:
secretRef:
- name: ${CLUSTER_KUBECONFIG_SECRET_NAME}
- key: ${CLUSTER_KUBECONFIG_SECRET_KEY}
+ name: kubeconfig-${CLUSTER_KUSTOMIZATION_NAME}
+ key: kubeconfig
patches:
- patch: |-
apiVersion: v1
- kind: Secret
name: sw-catalogs
----
-# Creates remote `sw-catalogs.managed-resources` secret
-apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
-kind: Kustomization
-metadata:
- name: ${CLUSTER_KUSTOMIZATION_NAME}-bstrp-secret-managedresources-catalogs
- namespace: ${BOOTSTRAP_KUSTOMIZATION_NAMESPACE}
- labels:
- cluster: ${CLUSTER_KUSTOMIZATION_NAME}
-spec:
- # interval: 1h
- interval: 5m
- retryInterval: 1m
- timeout: 5m
- dependsOn:
- - name: ${CLUSTER_KUSTOMIZATION_NAME}-bstrp-ns
- prune: true
- # wait: true
- force: true
- sourceRef:
- kind: GitRepository
- name: sw-catalogs
- namespace: flux-system
- path: ./cloud-resources/flux-remote-bootstrap/bootstrap/manifests/secret
- kubeConfig:
- secretRef:
- name: ${CLUSTER_KUBECONFIG_SECRET_NAME}
- key: ${CLUSTER_KUBECONFIG_SECRET_KEY}
- patches:
- - patch: |-
- apiVersion: v1
- kind: Secret
- metadata:
- name: ${secret_name}
- namespace: ${secret_namespace}
- stringData:
- username: ${username}
- password: ${password}
- # Inputs:
- postBuild:
- substitute:
- secret_name: sw-catalogs
- secret_namespace: ${BOOTSTRAP_SECRET_NAMESPACE}
- substituteFrom:
- - kind: Secret
- name: sw-catalogs
-
---
# Remote installation of Flux controller (to let the cluster be autonomous)
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: ${CLUSTER_KUSTOMIZATION_NAME}-bstrp-fluxctrl
- namespace: ${BOOTSTRAP_KUSTOMIZATION_NAMESPACE}
+ namespace: managed-resources
labels:
cluster: ${CLUSTER_KUSTOMIZATION_NAME}
spec:
namespace: flux-system
kubeConfig:
secretRef:
- name: ${CLUSTER_KUBECONFIG_SECRET_NAME}
- key: ${CLUSTER_KUBECONFIG_SECRET_KEY}
+ name: kubeconfig-${CLUSTER_KUSTOMIZATION_NAME}
+ key: kubeconfig
projects / osm / devops.git / commitdiff