--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: kubernetes-calico-etcd
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: kubernetes-calico-etcd-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+ substitutions:
+
+ # Chart source
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .charts.kubernetes.calico.etcd
+ dest:
+ path: .source
+
+ # Image versions
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .images.calico.etcd
+ dest:
+ path: .values.images.tags
+
+ # IP addresses
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .calico.etcd.service_ip
+ dest:
+ path: .values.service.ip
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .calico.etcd.service_ip
+ dest:
+ path: .values.anchor.etcdctl_endpoint
+
+ # CAs
+ - src:
+ schema: deckhand/CertificateAuthority/v1
+ name: calico-etcd
+ path: .
+ dest:
+ path: .values.secrets.tls.client.ca
+ - src:
+ schema: deckhand/CertificateAuthority/v1
+ name: calico-etcd-peer
+ path: .
+ dest:
+ path: .values.secrets.tls.peer.ca
+
+ # Anchor client cert
+ - src:
+ schema: deckhand/Certificate/v1
+ name: calico-etcd-anchor
+ path: .
+ dest:
+ path: .values.secrets.anchor.tls.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: calico-etcd-anchor
+ path: .
+ dest:
+ path: .values.secrets.anchor.tls.key
+
+ # Node names
+{% set count = [0] %}
+{% for server in yaml.masters %}
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .masters[{{count[0]}}].hostname
+ dest:
+ path: .values.nodes[{{count[0]}}].name
+ {% if count.append(count.pop() + 1) %}{% endif %}
+{% endfor %}
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .genesis.hostname
+ dest:
+ path: .values.nodes[{{count[0]}}].name
+
+ # Server certs
+{% set count = [0] %}
+{% for server in yaml.masters %}
+ - src:
+ schema: deckhand/Certificate/v1
+ name: calico-etcd-{{server.name}}
+ path: .
+ dest:
+ path: .values.nodes[{{count[0]}}].tls.client.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: calico-etcd-{{server.name}}
+ path: .
+ dest:
+ path: .values.nodes[{{count[0]}}].tls.client.key
+ - src:
+ schema: deckhand/Certificate/v1
+ name: calico-etcd-{{server.name}}-peer
+ path: .
+ dest:
+ path: .values.nodes[{{count[0]}}].tls.peer.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: calico-etcd-{{server.name}}-peer
+ path: .
+ dest:
+ path: .values.nodes[{{count[0]}}].tls.peer.key
+ {% if count.append(count.pop() + 1) %}{% endif %}
+{% endfor %}
+
+ # NOTE(mb874d): Be sure we generate these certs for genesis.
+ - src:
+ schema: deckhand/Certificate/v1
+ name: calico-etcd-{{yaml.genesis.name}}
+ path: .
+ dest:
+ path: .values.nodes[{{count[0]}}].tls.client.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: calico-etcd-{{yaml.genesis.name}}
+ path: .
+ dest:
+ path: .values.nodes[{{count[0]}}].tls.client.key
+ - src:
+ schema: deckhand/Certificate/v1
+ name: calico-etcd-{{yaml.genesis.name}}-peer
+ path: .
+ dest:
+ path: .values.nodes[{{count[0]}}].tls.peer.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: calico-etcd-{{yaml.genesis.name}}-peer
+ path: .
+ dest:
+ path: .values.nodes[{{count[0]}}].tls.peer.key
+
+data:
+ values:
+ manifests:
+ test_etcd_health: false
+...
Code Review / yaml_builds.git / blobdiff