b51e7559b6
This patchset introduces a generated with template [1] and encrypted VariableCatalogue generated-secrets that contains steps to generate: ephemeral and target CA+admin key/cert and passwords for users in ephemeral bootstrap iso. It also introduces the way how these secrets are used in manifests: They're decrypted by kustomize and incorporated into the folders `catalogues` in the site, so they can be used by replacement plugin. This patchset contains modifications in replacement plugin configurations to put the decrypted values from VariableCatalogue in place. Since k8s secrets were substituted with generated values this patchset removes pre-generated k8s secrets. [1] manifests/type/gating/target/generator/secret-template.yaml Change-Id: I0898c74012833f0e171d36bb8145acf358510b69
Function: k8scontrol
This function defines a KubeADM and Metal3 control plane, including Cluster, Metal3Cluster, KubeadmControlPlane, and Metal3MachineTemplate resources.
Optional: a versions-airshipctl VariableCatalogue may be used to
override the default Kubernetes version and controlplane disk image.
A base example for this catalogue can be found in the airshipctl-base-catalogues
function. If using the catalogue, apply the replacements/ entrypoint
at the site level, as a Kubernetes transformer.
Optional: a networking VariableCatalogue may be used to
override some Kubernetes networking configuration.
A base example for this catalogue can be found in the airshipctl-base-catalogues
function. If using the catalogue, apply the replacements/ entrypoint
at the site level, as a Kustomize transformer.