8dba799c18
This phase builded on top of generic executor container.
It uses kustomize generator to generate secrets
and SOPS function to encrypt secrets.
Usage:
1. `curl -fsSL -o key.asc https://raw.githubusercontent.com/mozilla/sops/master/pgp/sops_functional_tests_key.asc`
Copy existing key from sops project
2. `export SOPS_IMPORT_PGP="$(cat key.asc)" && export SOPS_PGP_FP="FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4"`
3. `airshipctl phase run secret-generate`
It will generate and encrypt secret in
manifests/site/test-site/target/generator/results/generated/
4. `KUSTOMIZE_PLUGIN_HOME=$(pwd)/manifests SOPS_IMPORT_PGP=$(cat key.asc) kustomize build --enable_alpha_plugins
manifests/site/test-site/target/catalogues/ > output.txt`
It will decrypt encrypted secret
Co-authored-by: Alexey Odinokov <aodinokov@mirantis.com>
Change-Id: I1682d71b7805eb36c407e712dcb747de799bc8bb
Relates-To: #379
41 lines
1.7 KiB
YAML
41 lines
1.7 KiB
YAML
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- hosts: primary
|
|
environment:
|
|
SOPS_IMPORT_PGP: "{{ airship_config_pgp }}"
|
|
tasks:
|
|
- name: "set default gate scripts"
|
|
set_fact:
|
|
gate_scripts_default:
|
|
- ./tools/deployment/01_install_kubectl.sh
|
|
- ./tools/deployment/21_systemwide_executable.sh
|
|
- ./tools/deployment/22_test_configs.sh
|
|
- ./tools/deployment/23_pull_documents.sh
|
|
- ./tools/deployment/24_build_images.sh
|
|
- ./tools/deployment/25_deploy_ephemeral_node.sh
|
|
- ./tools/deployment/26_deploy_metal3_capi_ephemeral_node.sh
|
|
- ./tools/deployment/30_deploy_controlplane.sh
|
|
- ./tools/deployment/31_deploy_initinfra_target_node.sh
|
|
- ./tools/deployment/32_cluster_init_target_node.sh
|
|
- ./tools/deployment/33_cluster_move_target_node.sh
|
|
- ./tools/deployment/34_deploy_worker_node.sh
|
|
- ./tools/deployment/35_deploy_workload.sh
|
|
- ./tools/deployment/36_verify_hwcc_profiles.sh
|
|
|
|
- name: "Run gate scripts"
|
|
include_role:
|
|
name: airshipctl-run-script
|
|
vars:
|
|
gate_script_path: "{{ item }}"
|
|
with_items: "{{ gate_scripts | default(gate_scripts_default) }}"
|