Merged
12 changes: 7 additions & 5 deletions charts/hub/opp/templates/policy-ocm-observability.yaml
Expand Up @@ -19,6 +19,8 @@ spec:
kind: ConfigurationPolicy
metadata:
name: policy-ocm-observability
annotations:
argocd.argoproj.io/compare-options: IgnoreExtraneous
spec:
object-templates:
- complianceType: musthave
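Review bot: The `argocd.argoproj.io/compare-options: IgnoreExtraneous` annotation added under `metadata` of `policy-ocm-observability` has no comment explaining why it is needed. It changes how Argo CD reports sync status for this object, so add a short comment naming the state it is meant to tolerate, so that it is not copied to other policies by default.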
Expand All @@ -32,12 +34,12 @@ spec:
thanos.yaml: |
type: s3
config:
bucket: {{ (lookup "objectbucket.io/v1alpha1" "ObjectBucket" "" "quay-registry-quay-datastore").BUCKET_NAME }}
endpoint: {{ (lookup "objectbucket.io/v1alpha1" "ObjectBucket" "" "quay-registry-quay-datastore").BUCKET_HOST }}
bucket: '{{ `{{ (lookup "objectbucket.io/v1alpha1" "ObjectBucket" "" "obc-quay-enterprise-quay-registry-quay-datastore").spec.endpoint.bucketName }}` }}'
endpoint: '{{ `{{ (lookup "objectbucket.io/v1alpha1" "ObjectBucket" "" "obc-quay-enterprise-quay-registry-quay-datastore").spec.endpoint.bucketHost }}` }}'
insecure: true
access_key: {{ .Values.ocm.accessKey }}
secret_key: {{ .Values.ocm.secretKey }}
type: Opaque
access_key: '{{ `{{ (lookup "v1" "Secret" "openshift-storage" "noobaa-admin").data.AWS_ACCESS_KEY_ID }}` }}'
secret_key: '{{ `{{ (lookup "v1" "Secret" "openshift-storage" "noobaa-admin").data.AWS_SECRET_ACCESS_KEY }}` }}'
type: Opaque
- complianceType: musthave
objectDefinition:
apiVersion: observability.open-cluster-management.io/v1beta2
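Review bot: `access_key` and `secret_key` now read `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` from the `noobaa-admin` Secret in `openshift-storage`, which gives the Thanos config the object store's admin credentials while `insecure: true` is still set on the line above them. Prefer credentials scoped to the one bucket being looked up, if the bucket claim provides them, and drop `insecure: true` once the endpoint serves TLS. Also, `.data` fields of a Secret returned by `lookup` are base64-encoded, so if `thanos.yaml` is written as plain text the values need `| base64dec`; please confirm the rendered Secret holds usable keys.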
3 changes: 2 additions & 1 deletion charts/hub/opp/templates/policyset-managed.yaml
Expand Up @@ -11,4 +11,5 @@ spec:
them to work well together. This policy set if focued on the components that install
to every managed cluster.
policies:
- policy-acs-secured-status
- policy-acs-secured-status
- policy-ocm-observability
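Review bot: `policy-ocm-observability` is added to a set whose description says it covers the components "that install to every managed cluster", yet the policy resolves `noobaa-admin` in `openshift-storage` and the Quay datastore `ObjectBucket`, which reads like hub-side state. Confirm this is the right policy set for it, or adjust the description. The description also has typos ("if focued") worth fixing while the file is open.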
6 changes: 3 additions & 3 deletions charts/hub/opp/values.yaml
@@ -1,6 +1,6 @@
# No Values
ocm:
accessKey: '{{ `{{ fromSecret "openshift-storage" "noobaa-admin" "AWS_ACCESS_KEY_ID" }}` }}'
secretKey: '{{ `{{ fromSecret "openshift-storage" "noobaa-admin" "AWS_SECRET_ACCESS_KEY" }}` }}'
# Need to use fromSecret for these keys. problems ith json output.
## accessKey: '{{ `{{ fromSecret "openshift-storage" "noobaa-admin" "AWS_ACCESS_KEY_ID" }}` }}'
## secretKey: '{{ `{{ fromSecret "openshift-storage" "noobaa-admin" "AWS_SECRET_ACCESS_KEY" }}` }}'


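Review bot: The new comment says "Need to use fromSecret for these keys", but the same change replaces `{{ .Values.ocm.accessKey }}` and `{{ .Values.ocm.secretKey }}` in the template with a `lookup` on the Secret, so the comment points the wrong way, and "ith" is a typo. Either delete the two `##` lines together with the now-empty `ocm:` key, or reword the comment to record what failed with the JSON output and that the template no longer reads these values.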
13 changes: 8 additions & 5 deletions tests/hub-opp-naked.expected.yaml
Expand Up @@ -104,6 +104,8 @@ spec:
kind: ConfigurationPolicy
metadata:
name: policy-ocm-observability
annotations:
argocd.argoproj.io/compare-options: IgnoreExtraneous
spec:
object-templates:
- complianceType: musthave
Expand All @@ -117,12 +119,12 @@ spec:
thanos.yaml: |
type: s3
config:
bucket:
endpoint:
bucket: '{{ (lookup "objectbucket.io/v1alpha1" "ObjectBucket" "" "obc-quay-enterprise-quay-registry-quay-datastore").spec.endpoint.bucketName }}'
endpoint: '{{ (lookup "objectbucket.io/v1alpha1" "ObjectBucket" "" "obc-quay-enterprise-quay-registry-quay-datastore").spec.endpoint.bucketHost }}'
insecure: true
access_key: {{ `{{ fromSecret "openshift-storage" "noobaa-admin" "AWS_ACCESS_KEY_ID" }}` }}
secret_key: {{ `{{ fromSecret "openshift-storage" "noobaa-admin" "AWS_SECRET_ACCESS_KEY" }}` }}
type: Opaque
access_key: '{{ (lookup "v1" "Secret" "openshift-storage" "noobaa-admin").data.AWS_ACCESS_KEY_ID }}'
secret_key: '{{ (lookup "v1" "Secret" "openshift-storage" "noobaa-admin").data.AWS_SECRET_ACCESS_KEY }}'
type: Opaque
- complianceType: musthave
objectDefinition:
apiVersion: observability.open-cluster-management.io/v1beta2
Expand Down Expand Up @@ -173,3 +175,4 @@ spec:
to every managed cluster.
policies:
- policy-acs-secured-status
- policy-ocm-observability
13 changes: 8 additions & 5 deletions tests/hub-opp-normal.expected.yaml
Expand Up @@ -104,6 +104,8 @@ spec:
kind: ConfigurationPolicy
metadata:
name: policy-ocm-observability
annotations:
argocd.argoproj.io/compare-options: IgnoreExtraneous
spec:
object-templates:
- complianceType: musthave
Expand All @@ -117,12 +119,12 @@ spec:
thanos.yaml: |
type: s3
config:
bucket:
endpoint:
bucket: '{{ (lookup "objectbucket.io/v1alpha1" "ObjectBucket" "" "obc-quay-enterprise-quay-registry-quay-datastore").spec.endpoint.bucketName }}'
endpoint: '{{ (lookup "objectbucket.io/v1alpha1" "ObjectBucket" "" "obc-quay-enterprise-quay-registry-quay-datastore").spec.endpoint.bucketHost }}'
insecure: true
access_key: {{ `{{ fromSecret "openshift-storage" "noobaa-admin" "AWS_ACCESS_KEY_ID" }}` }}
secret_key: {{ `{{ fromSecret "openshift-storage" "noobaa-admin" "AWS_SECRET_ACCESS_KEY" }}` }}
type: Opaque
access_key: '{{ (lookup "v1" "Secret" "openshift-storage" "noobaa-admin").data.AWS_ACCESS_KEY_ID }}'
secret_key: '{{ (lookup "v1" "Secret" "openshift-storage" "noobaa-admin").data.AWS_SECRET_ACCESS_KEY }}'
type: Opaque
- complianceType: musthave
objectDefinition:
apiVersion: observability.open-cluster-management.io/v1beta2
Expand Down Expand Up @@ -173,3 +175,4 @@ spec:
to every managed cluster.
policies:
- policy-acs-secured-status
- policy-ocm-observability
2 changes: 1 addition & 1 deletion values-global.yaml
Expand Up @@ -34,7 +34,7 @@ global:
devel:
appURL: https://github.com/ipbabble/chat-client.git
image: quay.io/ipbabble/chat-client:latest
npmbase: quay.io/ipbabble/ubi-npm:latest
npmbase: quay.io/hybridcloudpatterns/ubi-npm:latest

main:
clusterGroupName: hub
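Review bot: `npmbase` moves to `quay.io/hybridcloudpatterns/ubi-npm:latest`, which fixes the personal namespace but keeps a mutable `:latest` tag on a build base image. Pin it to a version tag or digest so builds are reproducible and the base cannot change underneath them. The `image:` line above has the same issue and still points at `quay.io/ipbabble/`.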
5 changes: 5 additions & 0 deletions values-secret.yaml.template
Expand Up @@ -11,3 +11,8 @@ secrets:
username: USERNAME
password: 'encoded password in single quotes'

# This is NOT for Quay.io. This is for the installed Quay registry.
quay:
account: QUAYADMINNAME
password: QUAYPASSWORD
email: quayadmin@example.com
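Review bot: The new `quay:` block does not say what form `password` takes, while the entry just above it is documented as 'encoded password in single quotes'. State in the comment whether `QUAYPASSWORD` is plain or encoded and whether it needs quoting, so the two entries in this template are filled in consistently.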