Merge "cinder: Fix ingress resource generation"
This commit is contained in:
Zuul
Gerrit Code Review
commit
e9c5baefd9
@ -90,7 +90,7 @@ spec:
|
||||
mountPath: /tmp/volume-usage-audit.sh
|
||||
subPath: volume-usage-audit.sh
|
||||
readOnly: true
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volume.api.internal "path" "/etc/cinder/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 16 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volumev3.api.internal "path" "/etc/cinder/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 16 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 16 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal "path" "/etc/rabbitmq/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 16 }}
|
||||
{{ if $mounts_cinder_volume_usage_audit.volumeMounts }}{{ toYaml $mounts_cinder_volume_usage_audit.volumeMounts | indent 16 }}{{ end }}
|
||||
@ -107,7 +107,7 @@ spec:
|
||||
configMap:
|
||||
name: cinder-bin
|
||||
defaultMode: 0555
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 12 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 12 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 12 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 12 }}
|
||||
{{ if $mounts_cinder_volume_usage_audit.volumes }}{{ toYaml $mounts_cinder_volume_usage_audit.volumes | indent 12 }}{{ end }}
|
||||
|
||||
@ -171,7 +171,7 @@ spec:
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volume.api.internal "path" "/etc/cinder/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volumev3.api.internal "path" "/etc/cinder/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal "path" "/etc/rabbitmq/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{ if $mounts_cinder_api.volumeMounts }}{{ toYaml $mounts_cinder_api.volumeMounts | indent 12 }}{{ end }}
|
||||
volumes:
|
||||
@ -194,7 +194,7 @@ spec:
|
||||
emptyDir: {}
|
||||
{{- end }}
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{ if $mounts_cinder_api.volumes }}{{ toYaml $mounts_cinder_api.volumes | indent 8 }}{{ end }}
|
||||
{{- end }}
|
||||
|
||||
@ -108,7 +108,7 @@ spec:
|
||||
- name: cinder-coordination
|
||||
mountPath: {{ ( split "://" .Values.conf.cinder.coordination.backend_url )._1 }}
|
||||
{{- end }}
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.volume.api.internal "path" "/etc/cinder/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.volumev3.api.internal "path" "/etc/cinder/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal "path" "/etc/rabbitmq/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{ if $mounts_cinder_scheduler.volumeMounts }}{{ toYaml $mounts_cinder_scheduler.volumeMounts | indent 12 }}{{ end }}
|
||||
@ -129,7 +129,7 @@ spec:
|
||||
- name: cinder-coordination
|
||||
emptyDir: {}
|
||||
{{- end }}
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{ if $mounts_cinder_scheduler.volumes }}{{ toYaml $mounts_cinder_scheduler.volumes | indent 8 }}{{ end }}
|
||||
|
||||
@ -132,7 +132,7 @@ spec:
|
||||
readOnly: true
|
||||
- name: pod-shared
|
||||
mountPath: /tmp/pod-shared
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
env:
|
||||
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin "useCA" (or .Values.manifests.certificates .Values.tls.identity) }}
|
||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
||||
@ -284,7 +284,7 @@ spec:
|
||||
mountPropagation: HostToContainer
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volume.api.internal "path" "/etc/cinder/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volumev3.api.internal "path" "/etc/cinder/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal "path" "/etc/rabbitmq/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{ if $mounts_cinder_volume.volumeMounts }}{{ toYaml $mounts_cinder_volume.volumeMounts | indent 12 }}{{ end }}
|
||||
@ -363,7 +363,7 @@ spec:
|
||||
path: /sys
|
||||
{{- end }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{ if $mounts_cinder_volume.volumes }}{{ toYaml $mounts_cinder_volume.volumes | indent 8 }}{{ end }}
|
||||
{{- end }}
|
||||
|
||||
@ -14,8 +14,8 @@ limitations under the License.
|
||||
|
||||
{{- if and .Values.manifests.ingress_api .Values.network.api.ingress.public }}
|
||||
{{- $envAll := . -}}
|
||||
{{- $ingressOpts := dict "envAll" $envAll "backendServiceType" "volume" "backendPort" "c-api" -}}
|
||||
{{- $secretName := $envAll.Values.secrets.tls.volume.api.internal -}}
|
||||
{{- $ingressOpts := dict "envAll" $envAll "backendServiceType" "volumev3" "backendPort" "c-api" -}}
|
||||
{{- $secretName := $envAll.Values.secrets.tls.volumev3.api.internal -}}
|
||||
{{- if and .Values.manifests.certificates $secretName -}}
|
||||
{{- $_ := set $ingressOpts "certIssuer" .Values.endpoints.volume.host_fqdn_override.default.tls.issuerRef.name -}}
|
||||
{{- end -}}
|
||||
|
||||
@ -20,7 +20,7 @@ helm.sh/hook-weight: "5"
|
||||
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
|
||||
{{- $bootstrapJob := dict "envAll" . "serviceName" "cinder" "keystoneUser" .Values.bootstrap.ks_user "logConfigFile" .Values.conf.cinder.DEFAULT.log_config_append "jobAnnotations" (include "metadata.annotations.job.bootstrap" . | fromYaml) -}}
|
||||
{{- if or .Values.manifests.certificates .Values.tls.identity -}}
|
||||
{{- $_ := set $bootstrapJob "tlsSecret" .Values.secrets.tls.volume.api.internal -}}
|
||||
{{- $_ := set $bootstrapJob "tlsSecret" .Values.secrets.tls.volumev3.api.internal -}}
|
||||
{{- end -}}
|
||||
{{- if .Values.pod.tolerations.cinder.enabled -}}
|
||||
{{- $_ := set $bootstrapJob "tolerationsEnabled" true -}}
|
||||
|
||||
@ -68,7 +68,7 @@ spec:
|
||||
mountPath: /tmp/create-internal-tenant.sh
|
||||
subPath: create-internal-tenant.sh
|
||||
readOnly: true
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
env:
|
||||
{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.admin "useCA" (or .Values.manifests.certificates .Values.tls.identity) }}
|
||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
||||
@ -97,5 +97,5 @@ spec:
|
||||
configMap:
|
||||
name: {{ $configMapBin | quote }}
|
||||
defaultMode: 0555
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- end -}}
|
||||
|
||||
@ -27,7 +27,7 @@ helm.sh/hook-weight: "-2"
|
||||
{{- if .Values.manifests.job_ks_endpoints }}
|
||||
{{- $ksServiceJob := dict "envAll" . "serviceName" "cinder" "serviceTypes" ( $volTypes ) -}}
|
||||
{{- if or .Values.manifests.certificates .Values.tls.identity -}}
|
||||
{{- $_ := set $ksServiceJob "tlsSecret" .Values.secrets.tls.volume.api.internal -}}
|
||||
{{- $_ := set $ksServiceJob "tlsSecret" .Values.secrets.tls.volumev3.api.internal -}}
|
||||
{{- end -}}
|
||||
{{- if .Values.helm3_hook }}
|
||||
{{- $_ := set $ksServiceJob "jobAnnotations" (include "metadata.annotations.job.ks_endpoints" . | fromYaml) }}
|
||||
|
||||
@ -33,7 +33,7 @@ helm.sh/hook-weight: "-3"
|
||||
{{- end }}
|
||||
{{- $ksServiceJob := dict "envAll" . "serviceName" "cinder" "serviceTypes" ( $volTypes ) -}}
|
||||
{{- if or .Values.manifests.certificates .Values.tls.identity -}}
|
||||
{{- $_ := set $ksServiceJob "tlsSecret" .Values.secrets.tls.volume.api.internal -}}
|
||||
{{- $_ := set $ksServiceJob "tlsSecret" .Values.secrets.tls.volumev3.api.internal -}}
|
||||
{{- end -}}
|
||||
{{- if .Values.helm3_hook }}
|
||||
{{- $_ := set $ksServiceJob "jobAnnotations" (include "metadata.annotations.job.ks_service" . | fromYaml) }}
|
||||
|
||||
@ -20,7 +20,7 @@ helm.sh/hook-weight: "-1"
|
||||
{{- if .Values.manifests.job_ks_user }}
|
||||
{{- $ksUserJob := dict "envAll" . "serviceName" "cinder" -}}
|
||||
{{- if or .Values.manifests.certificates .Values.tls.identity -}}
|
||||
{{- $_ := set $ksUserJob "tlsSecret" .Values.secrets.tls.volume.api.internal -}}
|
||||
{{- $_ := set $ksUserJob "tlsSecret" .Values.secrets.tls.volumev3.api.internal -}}
|
||||
{{- end -}}
|
||||
{{- if .Values.helm3_hook }}
|
||||
{{- $_ := set $ksUserJob "jobAnnotations" (include "metadata.annotations.job.ks_user" . | fromYaml) }}
|
||||
|
||||
@ -53,7 +53,7 @@ spec:
|
||||
mountPath: /tmp/ks-user.sh
|
||||
subPath: ks-user.sh
|
||||
readOnly: true
|
||||
{{ dict "enabled" .Values.manifests.certificates "name" $envAll.Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 8 }}
|
||||
{{ dict "enabled" .Values.manifests.certificates "name" $envAll.Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 8 }}
|
||||
env:
|
||||
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin "useCA" .Values.manifests.certificates }}
|
||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 8 }}
|
||||
@ -93,7 +93,7 @@ spec:
|
||||
readOnly: true
|
||||
- name: rally-db
|
||||
mountPath: /var/lib/rally
|
||||
{{ dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 8 }}
|
||||
{{ dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 8 }}
|
||||
{{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }}
|
||||
volumes:
|
||||
- name: pod-tmp
|
||||
@ -108,6 +108,6 @@ spec:
|
||||
defaultMode: 0555
|
||||
- name: rally-db
|
||||
emptyDir: {}
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 4 }}
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 4 }}
|
||||
{{ if $mounts_tests.volumes }}{{ toYaml $mounts_tests.volumes | indent 4 }}{{ end }}
|
||||
{{- end }}
|
||||
|
||||
@ -1195,7 +1195,7 @@ secrets:
|
||||
admin: cinder-rabbitmq-admin
|
||||
cinder: cinder-rabbitmq-user
|
||||
tls:
|
||||
volume:
|
||||
volumev3:
|
||||
api:
|
||||
public: cinder-tls-public
|
||||
internal: cinder-tls-api
|
||||
|
||||
4
releasenotes/notes/cinder-4e17dd8ee84ca1a2.yaml
Normal file
4
releasenotes/notes/cinder-4e17dd8ee84ca1a2.yaml
Normal file
@ -0,0 +1,4 @@
|
||||
---
|
||||
cinder:
|
||||
- Fix ingress resource generation
|
||||
...
|
||||
Loading…
x
Reference in New Issue
Block a user