This patchset introduces a generated with template [1] and encrypted VariableCatalogue generated-secrets that contains steps to generate: ephemeral and target CA+admin key/cert and passwords for users in ephemeral bootstrap iso. It also introduces the way how these secrets are used in manifests: They're decrypted by kustomize and incorporated into the folders `catalogues` in the site, so they can be used by replacement plugin. This patchset contains modifications in replacement plugin configurations to put the decrypted values from VariableCatalogue in place. Since k8s secrets were substituted with generated values this patchset removes pre-generated k8s secrets. [1] manifests/type/gating/target/generator/secret-template.yaml Change-Id: I0898c74012833f0e171d36bb8145acf358510b69
Function: hardwareprofile-example
This function defines a hardware profile that can be consumed by the hostgenerator-m3 function. It serves as an example for how other hardware profile functions can be created and consumed.
The example
profile currently has fields for RAID and firmware configurations.
This is to provide as a reference for utilizing all the supported RAID levels
as well as all the supported firmware configurations.
For firmware configurations, the values from example
profile are carried over
to the default
profile of hostgenerator-m3. That is because same defaults
are exercised in metal3 baremetal-operator as well. See bios-config spec
However, for RAID configurations, since
there is no default
profile, the template does not have any RAID fields.
Nevertheless, all the supported RAID configurations
have been listed in the hardwareprofile.yaml
for your reference.
The /replacements
kustomization contains a substitution rule that injects
the profile into the hostgenerator BMH template. Please see the
manifests/type/gating
type and manifests/site/test-site
site
kustomization.yamls to see how a hardwareprofile function can be wired in.