From: Todd Malsbary <todd.malsbary@intel.com>
Date: Thu, 9 Dec 2021 00:56:13 +0000 (-0800)
Subject: Add pod11 site definition
X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=commitdiff_plain;h=0eca284fa49565d10773abd876f662a0055358f6;p=icn.git

Add pod11 site definition

Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I35668f1ba97e74d6a579b3abbc010c7e59b61288
---

diff --git a/deploy/site/pod11/.sops.yaml b/deploy/site/pod11/.sops.yaml
new file mode 100644
index 0000000..60dfb57
--- /dev/null
+++ b/deploy/site/pod11/.sops.yaml
@@ -0,0 +1,4 @@
+creation_rules:
+  - path_regex: .*.yaml
+    encrypted_regex: ^(bmcPassword|hashedPassword)$
+    pgp: A4B4A47A1DB07DE00E8158BE411E23534CA8FAE0
diff --git a/deploy/site/pod11/pod11.sh b/deploy/site/pod11/pod11.sh
new file mode 100755
index 0000000..c26b239
--- /dev/null
+++ b/deploy/site/pod11/pod11.sh
@@ -0,0 +1,86 @@
+#!/usr/bin/env bash
+set -eux -o pipefail
+
+SCRIPTDIR="$(readlink -f $(dirname ${BASH_SOURCE[0]}))"
+LIBDIR="$(dirname $(dirname $(dirname ${SCRIPTDIR})))/env/lib"
+
+source $LIBDIR/common.sh
+source $SCRIPTDIR/../common.sh
+
+BUILDDIR=${SCRIPTDIR/deploy/build}
+mkdir -p ${BUILDDIR}
+
+FLUX_SOPS_KEY_NAME=${FLUX_SOPS_KEY_NAME:-"icn-site-vm"} # TODO Replace ICN test key with real key
+
+function build_source {
+    sops_encrypt_site ${SCRIPTDIR}/site.yaml ${FLUX_SOPS_KEY_NAME}
+}
+
+function deploy {
+    flux_create_site https://gerrit.akraino.org/r/icn master deploy/site/pod11 ${FLUX_SOPS_KEY_NAME}
+}
+
+function clean {
+    kubectl -n flux-system delete kustomization icn-master-site-pod11
+}
+
+function is_cluster_ready {
+    [[ $(kubectl -n metal3 get cluster e2etest -o jsonpath='{.status.conditions[?(@.type=="Ready")].status}') == "True" ]]
+}
+
+function is_control_plane_ready {
+    # Checking the Cluster resource status is not sufficient, it
+    # reports the control plane as ready before the nodes forming the
+    # control plane are ready
+    local -r replicas=$(kubectl -n metal3 get kubeadmcontrolplane e2etest -o jsonpath='{.spec.replicas}')
+    [[ $(kubectl --kubeconfig=${BUILDDIR}/e2etest-admin.conf get nodes -l node-role.kubernetes.io/control-plane -o jsonpath='{range .items[*]}{.status.conditions[?(@.type=="Ready")].status}{"\n"}{end}' | grep -c True) == ${replicas} ]]
+}
+
+function insert_control_plane_network_identity_into_ssh_config {
+    # This enables logging into the control plane machines from this
+    # machine without specifying the identify file on the command line
+
+    # Create ssh config if it doesn't exist
+    mkdir -p ${HOME}/.ssh && chmod 700 ${HOME}/.ssh
+    touch ${HOME}/.ssh/config
+    chmod 600 ${HOME}/.ssh/config
+    # Add the entry for the control plane network, host value in ssh
+    # config is a wildcard
+    endpoint=$(helm -n metal3 get values -a cluster-e2etest | awk '/controlPlaneEndpoint:/ {print $2}')
+    prefix=$(helm -n metal3 get values -a cluster-e2etest | awk '/controlPlanePrefix:/ {print $2}')
+    host=$(ipcalc ${endpoint}/${prefix} | awk '/Network:/ {sub(/\.0.*/,".*"); print $2}')
+    if [[ $(grep -c "Host ${host}" ${HOME}/.ssh/config) != 0 ]]; then
+	sed -i -e '/Host '"${host}"'/,+1 d' ${HOME}/.ssh/config
+    fi
+    cat <<EOF >>${HOME}/.ssh/config
+Host ${host}
+  IdentityFile ${SCRIPTDIR}/id_rsa
+EOF
+}
+
+function wait_for_all_ready {
+    WAIT_FOR_INTERVAL=60s
+    WAIT_FOR_TRIES=30
+    wait_for is_cluster_ready
+    clusterctl -n metal3 get kubeconfig e2etest >${BUILDDIR}/e2etest-admin.conf
+    chmod 600 ${BUILDDIR}/e2etest-admin.conf
+    wait_for is_control_plane_ready
+    insert_control_plane_network_identity_into_ssh_config
+}
+
+case $1 in
+    "build-source") build_source ;;
+    "clean") clean ;;
+    "deploy") deploy ;;
+    "wait") wait_for_all_ready ;;
+    *) cat <<EOF
+Usage: $(basename $0) COMMAND
+
+Commands:
+  build-source  - Rebuild the in-tree site files
+  clean         - Remove the site
+  deploy        - Deploy the site
+  wait          - Wait for the site to be ready
+EOF
+       ;;
+esac
diff --git a/deploy/site/pod11/site.yaml b/deploy/site/pod11/site.yaml
new file mode 100644
index 0000000..9c66316
--- /dev/null
+++ b/deploy/site/pod11/site.yaml
@@ -0,0 +1,287 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+    name: metal3
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age: []
+    lastmodified: "2021-12-10T17:33:34Z"
+    mac: ENC[AES256_GCM,data:lIvQYYlC4p/P/j51lN/oE8Fq+XfXpuTZesKjUi7pGCUI3Utdup4kEiPpr5rsidNBifnTpT6gFyl0CUVF3eNK7/brltv0jkfzfv0CO+y+Soa3Wu1ZvObtShGf8azbb77PEHC1qiLmCaCYQJmCgW7wkNfu5AHy+wndt85V4+oSE0g=,iv:ybmH8hIPs7RGxJJE1Jaj3FRCqv+Vlw/JUun2zSKb8tc=,tag:LibpQ6wjIJzPciVCgEvOjQ==,type:str]
+    pgp:
+        - created_at: "2021-12-10T17:33:33Z"
+          enc: |
+            -----BEGIN PGP MESSAGE-----
+
+            hQIMA4SX7nk+q+zPAQ/+Jti8jqeEXHxNf7iMUFOndkJHJ5NKZ41FKZcanDw660YX
+            iRvFsp6G6XIIDUl8iJ9O+uMvwczT9Ho/+c3zCA7NjqBfgh8/T6DfYzg9iq29PEq8
+            koJda8q/DHwzYhC1+ijRqJ34jLCh/uAnBqCmYWNYYTO1GL5rK13PmZRtG67+3MJW
+            dmuH2eSGnSk/ZfnqxYusBEVIvpvedlD5rx960qIId0WhTTmu+uGM/aKopk/blqfY
+            fh3bPmoHNYjHvaMp5MMe0CJmXO1/XaVNnOnE8RZxd+BQkVgQyVONuP78o982msLy
+            uWF8khvBH9lbB6Mc0TPLf7ZL3e7HooyWl+r0sbbKbY3PZLNeXCFk3EW+XarN8QAp
+            qO4VWeoNtjexWN+jyim5Ld9n4aPxC9PJM/SOEETtFME11TrIEBwHsuQtE8oi6bwc
+            oI551fLC58q/yneNbFOtS34L4pwxVl7PLCP6wyKFyZY6pzE2OEvx/+p4bp3cKVpX
+            wSfKbRZXygaH/Zk+ocnUtBFoVhQ7dTkDr42yHkn/bwHvA+Jjn6vI5I5PqNNGRwkl
+            HyXXtz1UnQh+9M6jKjSqPHK5WeoxCochMttdjTxnnBHuFOUTZ16zMfVVJLLf2+ci
+            uXgKZFv/9xdFiWf1YwLsCiEC5iP0wE00ZShuyc/Yw6RjkVNbElVE5qlvaXOjVEnS
+            XAH24JbApCrv+zHw5HJ6Oi+VHjCa7kiaeGAyWEw4Udvn+gy0sKq7Zo9HbiXj+fA8
+            TR2PDX4lJKuE9lmQ2EeRNG6z7m6vVGmMiXYcq7/oBsxc2VUHfr42qE/nBMZI
+            =pjhf
+            -----END PGP MESSAGE-----
+          fp: A4B4A47A1DB07DE00E8158BE411E23534CA8FAE0
+    encrypted_regex: ^(bmcPassword|hashedPassword)$
+    version: 3.7.1
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: GitRepository
+metadata:
+    name: icn
+    namespace: metal3
+spec:
+    gitImplementation: go-git
+    interval: 1m0s
+    ref:
+        branch: master
+    timeout: 20s
+    url: https://gerrit.akraino.org/r/icn
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age: []
+    lastmodified: "2021-12-10T17:33:34Z"
+    mac: ENC[AES256_GCM,data:lIvQYYlC4p/P/j51lN/oE8Fq+XfXpuTZesKjUi7pGCUI3Utdup4kEiPpr5rsidNBifnTpT6gFyl0CUVF3eNK7/brltv0jkfzfv0CO+y+Soa3Wu1ZvObtShGf8azbb77PEHC1qiLmCaCYQJmCgW7wkNfu5AHy+wndt85V4+oSE0g=,iv:ybmH8hIPs7RGxJJE1Jaj3FRCqv+Vlw/JUun2zSKb8tc=,tag:LibpQ6wjIJzPciVCgEvOjQ==,type:str]
+    pgp:
+        - created_at: "2021-12-10T17:33:33Z"
+          enc: |
+            -----BEGIN PGP MESSAGE-----
+
+            hQIMA4SX7nk+q+zPAQ/+Jti8jqeEXHxNf7iMUFOndkJHJ5NKZ41FKZcanDw660YX
+            iRvFsp6G6XIIDUl8iJ9O+uMvwczT9Ho/+c3zCA7NjqBfgh8/T6DfYzg9iq29PEq8
+            koJda8q/DHwzYhC1+ijRqJ34jLCh/uAnBqCmYWNYYTO1GL5rK13PmZRtG67+3MJW
+            dmuH2eSGnSk/ZfnqxYusBEVIvpvedlD5rx960qIId0WhTTmu+uGM/aKopk/blqfY
+            fh3bPmoHNYjHvaMp5MMe0CJmXO1/XaVNnOnE8RZxd+BQkVgQyVONuP78o982msLy
+            uWF8khvBH9lbB6Mc0TPLf7ZL3e7HooyWl+r0sbbKbY3PZLNeXCFk3EW+XarN8QAp
+            qO4VWeoNtjexWN+jyim5Ld9n4aPxC9PJM/SOEETtFME11TrIEBwHsuQtE8oi6bwc
+            oI551fLC58q/yneNbFOtS34L4pwxVl7PLCP6wyKFyZY6pzE2OEvx/+p4bp3cKVpX
+            wSfKbRZXygaH/Zk+ocnUtBFoVhQ7dTkDr42yHkn/bwHvA+Jjn6vI5I5PqNNGRwkl
+            HyXXtz1UnQh+9M6jKjSqPHK5WeoxCochMttdjTxnnBHuFOUTZ16zMfVVJLLf2+ci
+            uXgKZFv/9xdFiWf1YwLsCiEC5iP0wE00ZShuyc/Yw6RjkVNbElVE5qlvaXOjVEnS
+            XAH24JbApCrv+zHw5HJ6Oi+VHjCa7kiaeGAyWEw4Udvn+gy0sKq7Zo9HbiXj+fA8
+            TR2PDX4lJKuE9lmQ2EeRNG6z7m6vVGmMiXYcq7/oBsxc2VUHfr42qE/nBMZI
+            =pjhf
+            -----END PGP MESSAGE-----
+          fp: A4B4A47A1DB07DE00E8158BE411E23534CA8FAE0
+    encrypted_regex: ^(bmcPassword|hashedPassword)$
+    version: 3.7.1
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+    name: pod11-node2
+    namespace: metal3
+spec:
+    interval: 5m
+    chart:
+        spec:
+            chart: deploy/machine
+            sourceRef:
+                kind: GitRepository
+                name: icn
+            interval: 1m
+    values:
+        machineName: pod11-node2
+        machineLabels:
+            machine: pod11-node2
+        bmcAddress: ipmi://10.10.110.12
+        bmcUsername: root
+        bmcPassword: ENC[AES256_GCM,data:ZDFi9g==,iv:x8FS6/29Sirdn2V3CSEBZkSmq8GYxFp0aU0F/vub/4M=,tag:/b7M6/p+6IiTBs3Dlgz53Q==,type:str]
+        networks:
+            baremetal:
+                macAddress: 00:1e:67:fe:f4:19
+                type: ipv4
+                ipAddress: 10.10.110.22/24
+                gateway: 10.10.110.1
+                nameservers:
+                    - 8.8.8.8
+            provisioning:
+                macAddress: 00:1e:67:fe:f4:1a
+                type: ipv4_dhcp
+            private:
+                macAddress: 00:1e:67:f8:6a:40
+                type: ipv4
+                ipAddress: 10.10.112.3/24
+            storage:
+                macAddress: 00:1e:67:f8:6a:41
+                type: ipv4
+                ipAddress: 10.10.113.3/24
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age: []
+    lastmodified: "2021-12-10T17:33:34Z"
+    mac: ENC[AES256_GCM,data:lIvQYYlC4p/P/j51lN/oE8Fq+XfXpuTZesKjUi7pGCUI3Utdup4kEiPpr5rsidNBifnTpT6gFyl0CUVF3eNK7/brltv0jkfzfv0CO+y+Soa3Wu1ZvObtShGf8azbb77PEHC1qiLmCaCYQJmCgW7wkNfu5AHy+wndt85V4+oSE0g=,iv:ybmH8hIPs7RGxJJE1Jaj3FRCqv+Vlw/JUun2zSKb8tc=,tag:LibpQ6wjIJzPciVCgEvOjQ==,type:str]
+    pgp:
+        - created_at: "2021-12-10T17:33:33Z"
+          enc: |
+            -----BEGIN PGP MESSAGE-----
+
+            hQIMA4SX7nk+q+zPAQ/+Jti8jqeEXHxNf7iMUFOndkJHJ5NKZ41FKZcanDw660YX
+            iRvFsp6G6XIIDUl8iJ9O+uMvwczT9Ho/+c3zCA7NjqBfgh8/T6DfYzg9iq29PEq8
+            koJda8q/DHwzYhC1+ijRqJ34jLCh/uAnBqCmYWNYYTO1GL5rK13PmZRtG67+3MJW
+            dmuH2eSGnSk/ZfnqxYusBEVIvpvedlD5rx960qIId0WhTTmu+uGM/aKopk/blqfY
+            fh3bPmoHNYjHvaMp5MMe0CJmXO1/XaVNnOnE8RZxd+BQkVgQyVONuP78o982msLy
+            uWF8khvBH9lbB6Mc0TPLf7ZL3e7HooyWl+r0sbbKbY3PZLNeXCFk3EW+XarN8QAp
+            qO4VWeoNtjexWN+jyim5Ld9n4aPxC9PJM/SOEETtFME11TrIEBwHsuQtE8oi6bwc
+            oI551fLC58q/yneNbFOtS34L4pwxVl7PLCP6wyKFyZY6pzE2OEvx/+p4bp3cKVpX
+            wSfKbRZXygaH/Zk+ocnUtBFoVhQ7dTkDr42yHkn/bwHvA+Jjn6vI5I5PqNNGRwkl
+            HyXXtz1UnQh+9M6jKjSqPHK5WeoxCochMttdjTxnnBHuFOUTZ16zMfVVJLLf2+ci
+            uXgKZFv/9xdFiWf1YwLsCiEC5iP0wE00ZShuyc/Yw6RjkVNbElVE5qlvaXOjVEnS
+            XAH24JbApCrv+zHw5HJ6Oi+VHjCa7kiaeGAyWEw4Udvn+gy0sKq7Zo9HbiXj+fA8
+            TR2PDX4lJKuE9lmQ2EeRNG6z7m6vVGmMiXYcq7/oBsxc2VUHfr42qE/nBMZI
+            =pjhf
+            -----END PGP MESSAGE-----
+          fp: A4B4A47A1DB07DE00E8158BE411E23534CA8FAE0
+    encrypted_regex: ^(bmcPassword|hashedPassword)$
+    version: 3.7.1
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+    name: pod11-node3
+    namespace: metal3
+spec:
+    interval: 5m
+    chart:
+        spec:
+            chart: deploy/machine
+            sourceRef:
+                kind: GitRepository
+                name: icn
+            interval: 1m
+    values:
+        machineName: pod11-node3
+        machineLabels:
+            machine: pod11-node3
+        bmcAddress: ipmi://10.10.110.13
+        bmcUsername: root
+        bmcPassword: ENC[AES256_GCM,data:SJBJHg==,iv:rIAANlqDFSlzCv4O9tWVfwhZ8dwhgI8QfrssEQJ3dd4=,tag:zDWJUzROdbGzTh0jxdq7uQ==,type:str]
+        networks:
+            baremetal:
+                macAddress: 00:1e:67:f1:5b:90
+                type: ipv4
+                ipAddress: 10.10.110.23/24
+                gateway: 10.10.110.1
+                nameservers:
+                    - 8.8.8.8
+            provisioning:
+                macAddress: 00:1e:67:f1:5b:91
+                type: ipv4_dhcp
+            private:
+                macAddress: 00:1e:67:f8:69:80
+                type: ipv4
+                ipAddress: 10.10.112.4/24
+            storage:
+                macAddress: 00:1e:67:f8:69:81
+                type: ipv4
+                ipAddress: 10.10.113.4/24
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age: []
+    lastmodified: "2021-12-10T17:33:34Z"
+    mac: ENC[AES256_GCM,data:lIvQYYlC4p/P/j51lN/oE8Fq+XfXpuTZesKjUi7pGCUI3Utdup4kEiPpr5rsidNBifnTpT6gFyl0CUVF3eNK7/brltv0jkfzfv0CO+y+Soa3Wu1ZvObtShGf8azbb77PEHC1qiLmCaCYQJmCgW7wkNfu5AHy+wndt85V4+oSE0g=,iv:ybmH8hIPs7RGxJJE1Jaj3FRCqv+Vlw/JUun2zSKb8tc=,tag:LibpQ6wjIJzPciVCgEvOjQ==,type:str]
+    pgp:
+        - created_at: "2021-12-10T17:33:33Z"
+          enc: |
+            -----BEGIN PGP MESSAGE-----
+
+            hQIMA4SX7nk+q+zPAQ/+Jti8jqeEXHxNf7iMUFOndkJHJ5NKZ41FKZcanDw660YX
+            iRvFsp6G6XIIDUl8iJ9O+uMvwczT9Ho/+c3zCA7NjqBfgh8/T6DfYzg9iq29PEq8
+            koJda8q/DHwzYhC1+ijRqJ34jLCh/uAnBqCmYWNYYTO1GL5rK13PmZRtG67+3MJW
+            dmuH2eSGnSk/ZfnqxYusBEVIvpvedlD5rx960qIId0WhTTmu+uGM/aKopk/blqfY
+            fh3bPmoHNYjHvaMp5MMe0CJmXO1/XaVNnOnE8RZxd+BQkVgQyVONuP78o982msLy
+            uWF8khvBH9lbB6Mc0TPLf7ZL3e7HooyWl+r0sbbKbY3PZLNeXCFk3EW+XarN8QAp
+            qO4VWeoNtjexWN+jyim5Ld9n4aPxC9PJM/SOEETtFME11TrIEBwHsuQtE8oi6bwc
+            oI551fLC58q/yneNbFOtS34L4pwxVl7PLCP6wyKFyZY6pzE2OEvx/+p4bp3cKVpX
+            wSfKbRZXygaH/Zk+ocnUtBFoVhQ7dTkDr42yHkn/bwHvA+Jjn6vI5I5PqNNGRwkl
+            HyXXtz1UnQh+9M6jKjSqPHK5WeoxCochMttdjTxnnBHuFOUTZ16zMfVVJLLf2+ci
+            uXgKZFv/9xdFiWf1YwLsCiEC5iP0wE00ZShuyc/Yw6RjkVNbElVE5qlvaXOjVEnS
+            XAH24JbApCrv+zHw5HJ6Oi+VHjCa7kiaeGAyWEw4Udvn+gy0sKq7Zo9HbiXj+fA8
+            TR2PDX4lJKuE9lmQ2EeRNG6z7m6vVGmMiXYcq7/oBsxc2VUHfr42qE/nBMZI
+            =pjhf
+            -----END PGP MESSAGE-----
+          fp: A4B4A47A1DB07DE00E8158BE411E23534CA8FAE0
+    encrypted_regex: ^(bmcPassword|hashedPassword)$
+    version: 3.7.1
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+    name: cluster-e2etest
+    namespace: metal3
+spec:
+    interval: 5m
+    chart:
+        spec:
+            chart: deploy/cluster
+            sourceRef:
+                kind: GitRepository
+                name: icn
+            interval: 1m
+    values:
+        clusterName: e2etest
+        clusterLabels:
+            site: pod11
+        controlPlaneEndpoint: 10.10.110.23
+        controlPlaneHostSelector:
+            matchLabels:
+                machine: pod11-node3
+        workersHostSelector:
+            matchLabels:
+                machine: pod11-node2
+        userData:
+            hashedPassword: ENC[AES256_GCM,data:ZAVj+UjrqMAuufUEUshhCj+oQ14SrCqj6rMtF2AShJlRzg3kYv/91Mi4fcz0XTgTcERAcJbiey4aWD2GMmTx+r6v68p/6AOwyXhp+WqXyojTlO9+fOvGczkshgHc2Mqrpk99yt5v9gcpcIxDsDrZqA==,iv:Trb4zqR88fgm/9PYom1myBQbBOIOh6N9vDKCwLgdOIw=,tag:DEXyt3gojpgnUYAV7VnqUg==,type:str]
+            sshAuthorizedKey: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCwLj/ekRDjp354W8kcGLagjudjTBZO8qBffJ4mNb01EJueUbLvM8EwCv2zu9lFKHD+nGkc1fkB3RyCn5OqzQDTAIpp82nOHXtrbKAZPg2ob8BlfVAz34h5r1bG78lnMH1xk7HKNbf73h9yzUEKiyrd8DlhJcJrsOZTPuTdRrIm7jxScDJpHFjy8tGISNMcnBGrNS9ukaRLK+PiEfDpuRtw/gOEf58NXgu38BcNm4tYfacHYuZFUbNCqj9gKi3btZawgybICcqrNqF36E/XXMfCS1qxZ7j9xfKjxWFgD9gW/HkRtV6K11NZFEvaYBFBA9S/GhLtk9aY+EsztABthE0J root@pod11-node5
+        flux:
+            url: https://gerrit.akraino.org/r/icn
+            branch: master
+            path: ./deploy/site/cluster-e2etest
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age: []
+    lastmodified: "2021-12-10T17:33:34Z"
+    mac: ENC[AES256_GCM,data:lIvQYYlC4p/P/j51lN/oE8Fq+XfXpuTZesKjUi7pGCUI3Utdup4kEiPpr5rsidNBifnTpT6gFyl0CUVF3eNK7/brltv0jkfzfv0CO+y+Soa3Wu1ZvObtShGf8azbb77PEHC1qiLmCaCYQJmCgW7wkNfu5AHy+wndt85V4+oSE0g=,iv:ybmH8hIPs7RGxJJE1Jaj3FRCqv+Vlw/JUun2zSKb8tc=,tag:LibpQ6wjIJzPciVCgEvOjQ==,type:str]
+    pgp:
+        - created_at: "2021-12-10T17:33:33Z"
+          enc: |
+            -----BEGIN PGP MESSAGE-----
+
+            hQIMA4SX7nk+q+zPAQ/+Jti8jqeEXHxNf7iMUFOndkJHJ5NKZ41FKZcanDw660YX
+            iRvFsp6G6XIIDUl8iJ9O+uMvwczT9Ho/+c3zCA7NjqBfgh8/T6DfYzg9iq29PEq8
+            koJda8q/DHwzYhC1+ijRqJ34jLCh/uAnBqCmYWNYYTO1GL5rK13PmZRtG67+3MJW
+            dmuH2eSGnSk/ZfnqxYusBEVIvpvedlD5rx960qIId0WhTTmu+uGM/aKopk/blqfY
+            fh3bPmoHNYjHvaMp5MMe0CJmXO1/XaVNnOnE8RZxd+BQkVgQyVONuP78o982msLy
+            uWF8khvBH9lbB6Mc0TPLf7ZL3e7HooyWl+r0sbbKbY3PZLNeXCFk3EW+XarN8QAp
+            qO4VWeoNtjexWN+jyim5Ld9n4aPxC9PJM/SOEETtFME11TrIEBwHsuQtE8oi6bwc
+            oI551fLC58q/yneNbFOtS34L4pwxVl7PLCP6wyKFyZY6pzE2OEvx/+p4bp3cKVpX
+            wSfKbRZXygaH/Zk+ocnUtBFoVhQ7dTkDr42yHkn/bwHvA+Jjn6vI5I5PqNNGRwkl
+            HyXXtz1UnQh+9M6jKjSqPHK5WeoxCochMttdjTxnnBHuFOUTZ16zMfVVJLLf2+ci
+            uXgKZFv/9xdFiWf1YwLsCiEC5iP0wE00ZShuyc/Yw6RjkVNbElVE5qlvaXOjVEnS
+            XAH24JbApCrv+zHw5HJ6Oi+VHjCa7kiaeGAyWEw4Udvn+gy0sKq7Zo9HbiXj+fA8
+            TR2PDX4lJKuE9lmQ2EeRNG6z7m6vVGmMiXYcq7/oBsxc2VUHfr42qE/nBMZI
+            =pjhf
+            -----END PGP MESSAGE-----
+          fp: A4B4A47A1DB07DE00E8158BE411E23534CA8FAE0
+    encrypted_regex: ^(bmcPassword|hashedPassword)$
+    version: 3.7.1
diff --git a/deploy/site/pod11/sops.pub.asc b/deploy/site/pod11/sops.pub.asc
new file mode 100644
index 0000000..34a3c25
--- /dev/null
+++ b/deploy/site/pod11/sops.pub.asc
@@ -0,0 +1,63 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBGGuW6EBEADPL46O8WFQzLgKGpRE14fqxpUChIiTtTBI9RnTQ4RdYKdZEJGE
+AfWkx3mmp0ih9BUHNBzf9knPgq+KUiyaLBt9HB2PVgXxkVspsovHVTCS4Sp4iBRf
+CHPhAFAoeZSLo3I/k7W0tTxDKhRWL9qI2APU/2PDFrNX1BqwhKhIPjIX8ipx32iV
+QMBAYhhtF7xHsDttX/KGiU7U3klLasnFUfYSbmrHybl7VLTbivAdHe5ejkfMx4BI
+IjSloD6HLrdovWaYoaADtK2pIzx0W4EtE76doIGpcl6XEqk2VEsXFwjlvmk/FZT8
+HsTnba5Q+VaiDdt8nWkmA5kkz2bp/uklndN3BQkyWhdU8orSXsRibP2uBXr3p8yw
+LfarjBMcqiUPRS8GBW4VR2eYse9qBJAJ/CKUK3LhA1wONmpWE1iYH4KFsIYdUlcf
+tQ0J0ojUWyaCxMlkQ2aSDCt/x46gQ8BPn4OwAEQlRhn9R0bK6ZgYQ+AGdzAdlFbZ
+5qJO5/v6/rad+ZWoMKcRS1eJECsn1l6EwuDSZEjSnXULTMiXLAVW7btFtRrogHRJ
+jcxD3sIyAhh7ITyLfsf9LJHWB9QP18a8PoVfwtARTZ5jnjmPuxtLS262t/TgCmWa
+W54h8dr2jyhOzSE2YSGH4wp83Cl8IwStXQ02S/NNsi470h32ehZO7ksY1wARAQAB
+tAtpY24tc2l0ZS12bYkCTgQTAQoAOBYhBKS0pHodsH3gDoFYvkEeI1NMqPrgBQJh
+rluhAhsvBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEEEeI1NMqPrgfIwP/36q
+cRUVAb+kZPJKYncG3SK1cYp7ErBTcGFi5VIlAWzBE81mhXefJPlgm+15Dzdxb46p
+xTE7g61zXsBVxC2mn60XmAf/wkrPK+snJer89B9HLhzHPINJHq6qHfipfNgmOqZ6
+iGo/XOFCCNBXZ2laRPzDjnc9teBTkOSjfdHuCoh9Qk9ghP2wF8t0kx0a+sUrZYV9
+BGTi8pBdUGKQ3kyUQOZRiPdCB2Nieg83ljiUHjM3Qih3BxxqEYjSSdlcCPyWFc/J
+TKryV/IX0p8xg6XeQedyojm4FDZUTpxr8yotNVfx+s2XZ0iQd8m2WCZcGrCweYNQ
+UqTEAkmvXrEmWGVLMaBJrtzuKQo6QC2gwEw0PCpv+kZJaKukUf0gowYbwEkKCWpX
+HunAoLY1Jfi6ha0qvOtddZqXZaRWU+CDfMnR23dmppJXSnePrCTGQhhI6gH//VK5
+/uI3lCA4ifOWC25lSzCdfdSObvR89x5bTP3kVvx1kTbz/Fsuq5ob1J78uv3VNrKM
+0MTx0jjgkCKc5mVoqwAW/n5b3uCZw6JTBSRvR3bRU9g0Lsw1R/xKwJBc8Tf6CK8Z
+gzzxhFd+tKgL2E9OYWFMgdg/s8k2r42xpShOwJHn20dJXUGjYERgqLYP4mSKzwP2
+5qou3dZ5RgMKMJfWiVhHcLvHOZQctfpKzUdGI/uSuQINBGGuW6EBEACstgYqJX5S
+xQZCPN4DwhBoqSxf+B4xXh0gK737bpeQaM+bAjSCdF3YQVY6vXn6LKh+d78Z2PDf
+K1Xskspai7d0h4w9Lf5kmc1vv8yVPhBnz7x32uBH/LhHCp1SJ34d/0+djX65JIh7
+ytDxmzcE69cQKdqt2cj6DzsjPrNM+0e5oqmme0lUi0QgzwhqUtyS0VP9BOziD/nq
+odzmONqzIToLfj7925FZwn2Xwcan7ZYzxQ2uKZvc1w6jaiaPkBoEzDOygQVhypj0
+GmGyO4dF96c+y/++6nry0nZuZzfiBVo+K+786uTETAYRJ6BEes/QlXxTGgQpE2VG
+7p5Z/tDQO/A3aFb88hgWlQ4Ot1Lbn7BlUvlA1ELXwloV5nTiqmTpNwSiAuARCqst
+WM3x1vugZUNEZGZkRAEtjahAjypBvls4a5iIlWbqVmdcACntvZZKF5KwByGwOpro
+jzXRDzoSVUyxG0zMIZAWHipGF4IpFjAYx3OPGlafYDq3gfoe4MxoD/9wOwDvNocj
+MDHWzBOIstOMlKG13zsCH4JdftQR1xspsWe0gA1jo183rrCQiNk8bLsr+UANyFAa
+jy2/PGBOybaqPe80h7YakwfZARQlLRQNDZpJpGV2L/9m2+qYrbi/Zq8h46Lkvmz4
+tGNdGfqNuju8DiJxNovtH8/cleFjEGClGwARAQABiQRsBBgBCgAgFiEEpLSkeh2w
+feAOgVi+QR4jU0yo+uAFAmGuW6ECGy4CQAkQQR4jU0yo+uDBdCAEGQEKAB0WIQTg
+LN375XITuuX10GGEl+55PqvszwUCYa5boQAKCRCEl+55Pqvsz15kD/9vzNhoKAtd
+JcdkeFv3wm75kapgEMMMitFeDO1c2uIg+bnTCIBoZRHO2RNHUS+d7ADCiTyWY3JJ
+BBr4LLHurg1AyQGXJ4Tf9W/ku3vfevoubzBtaH6YzZTcfWga35BN8KiIN3ZAiChy
+mNlxvr2YxaK0iX6eTXDWd3kvYmvVqQJO0hI5EOwXUWgY5VNBKVwjrYv34hqYE4+J
+Q1IsdcVvNjDkUAJO2y6vIiD7UiN0JKtK1JRCw1N+wOruNiuoky0UWCmMdUGSmnkP
+yX7cKpRDXHTeU560G1fEGPr5jc93Pd6LtyC/8eAJbC7w+fLn6+4hNzhRAxB/Z0H5
+mzBS+CuvUaX4yh3qgQTj20zeXKVRb3hRyQTmoEmtb7Udr/5C/GtDZJ97JwiAIiS7
+eeA89c8g/eAVXxN8hFAlTl8rTKEVnOIAiCPSo1QWHdmhYlaButyATkOoz9aGeA5c
+0/LWXJCsDSkzveNAnx6HGaG0rUtsd+Ee9QJCAhyhRsLisbpIjuhwkJOnCJh8zN7z
+XfiNUbr4SR4okBZsfws2g9yTTYI/i6IiZMrA+0UKFuYBceXeKgXtI8xy9IqVvnCf
+Hj0gI2PHSDnWVQWemqFt9TPEbBZBOzlzmV9pldhmDm8m11GkZFDpnpRK7ZnuJy3M
+jGnIM948OBXjxheBbr8LPX2VCU8vzsPyQHgHEAC/KRTx+GUg56vzW/1czY5i5HpS
+owl480uFAZYnmVOBkk2WztYizBR5vRGLaYFD5YyEnTML3ERTx5H+sbb/1pKtWD6s
+RVKR+LVtlQkBlAU263e0fKxs6qG20Z57m8mOJqPCnz9D0Deq4BBmQY6sApYCPa6x
+QzPPv40MOqeRv3zlSQIBhhF637Iad2rjOwgq6deezHGuqmSmCj2bo29oUi9zBhLf
+9pSfPYehLP6EXOPt0trdSL3HvV5icGMwRiCOx9LwmA49p7f0jDUs0Jo3OowS/4aJ
+8rlwbFMmerCVIWokGBL77j6Wc5ucAyj+ZzE7xfeberLa2sL1W1CDEs9IPLgXh+kI
+F5JAntVNyB5lfxPtNfV/XuCzCjJJgCwZOLCzwQg5cxRAHmRVorWq/5bmeWIKBX8q
+JqdvBSPW1IXVBz/6gpI3dU2ZF635F9qizJV/jyzV63lYRnTffRL4L/B8QR5iNlVI
+y/7Urqx2MgMsxmYJB38sOr0oO2dljUJdar3ZWCTIG/9oTg8quWt4lDcPfCsZp2Bk
+YhiZbE3p9iSSfmfO9gLgI8Dy4ZvZEavBU20B7qbiFYCAL+q+ZUUQAbYOTyZ0fZI6
+lKJuHN01R2ltDi3md55lsTL8bBGH2/bKR6YYkYPXzc/fqMGgHsaJ0IddRTKULcxW
+SqmNDCYCCn2EJbwrHQ==
+=8GKa
+-----END PGP PUBLIC KEY BLOCK-----