airshipctl/manifests/function/hardwareprofile-example
Alexey Odinokov b51e7559b6 Adding encryption of k8s secrets and iso users passwords
This patchset introduces a generated with template [1] and encrypted
VariableCatalogue generated-secrets that contains steps to
generate: ephemeral and target CA+admin key/cert and passwords for
users in ephemeral bootstrap iso.

It also introduces the way how these secrets are used in manifests:
They're decrypted by kustomize and incorporated into the folders
`catalogues` in the site, so they can be used by replacement plugin.

This patchset contains modifications in replacement plugin
configurations to put the decrypted values from VariableCatalogue
in place.

Since k8s secrets were substituted with generated values
this patchset removes pre-generated k8s secrets.

[1]
manifests/type/gating/target/generator/secret-template.yaml

Change-Id: I0898c74012833f0e171d36bb8145acf358510b69
2021-02-12 04:07:36 +00:00
..
2020-11-10 12:23:25 -06:00
2020-10-01 05:17:15 +00:00

Function: hardwareprofile-example

This function defines a hardware profile that can be consumed by the hostgenerator-m3 function. It serves as an example for how other hardware profile functions can be created and consumed.

The example profile currently has fields for RAID and firmware configurations. This is to provide as a reference for utilizing all the supported RAID levels as well as all the supported firmware configurations.

For firmware configurations, the values from example profile are carried over to the default profile of hostgenerator-m3. That is because same defaults are exercised in metal3 baremetal-operator as well. See bios-config spec However, for RAID configurations, since there is no default profile, the template does not have any RAID fields. Nevertheless, all the supported RAID configurations have been listed in the hardwareprofile.yaml for your reference.

The /replacements kustomization contains a substitution rule that injects the profile into the hostgenerator BMH template. Please see the manifests/type/gating type and manifests/site/test-site site kustomization.yamls to see how a hardwareprofile function can be wired in.