Skip to content

Commit

Permalink
feat(catalog): Move manifests to a bundle, fix cronjob (#2392)
Browse files Browse the repository at this point in the history 
Signed-off-by: SamoKopecky <skopecky@redhat.com>

Signed-off-by: SamoKopecky <skopecky@redhat.com>
  • Loading branch information
@SamoKopecky
SamoKopecky authored Sep 8, 2022
1 parent ef85a73 commit e9bf61f
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 9 deletions.
4 changes: 2 additions & 2 deletions cluster-scope/base/batch/cronjobs/service-catalog-k8s-plugin/cronjob.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,10 +26,10 @@ spec:
echo "Authenticating with vault using SA JWT token ..."
VAULT_AUTH_TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
VAULT_CLIENT_TOKEN=$(vault write auth/$CLUSTER-k8s/login role=$ENV-ops-rw jwt="$VAULT_AUTH_TOKEN" -format=json | yq e '.auth.client_token' -)
VAULT_TOKEN=$(vault login -token-only $VAULT_CLIENT_TOKEN)
export VAULT_TOKEN=$(vault login -token-only $VAULT_CLIENT_TOKEN)
echo "Pushing k8s plugin SA token to vault ..."
vault kv put -mount=k8s_secrets moc/smaug/service-catalog/k8s-plugin-tokens $ENV_$CLUSTER_token=$token
vault kv put -mount=k8s_secrets moc/smaug/service-catalog/k8s-plugin-tokens "${ENV}_${CLUSTER}_token"=$token
env:
- name: VAULT_ADDR
value: https://vault-ui-vault.apps.smaug.na.operate-first.cloud
Expand Down
11 changes: 11 additions & 0 deletions cluster-scope/bundles/service-catalog-k8s-plugin/kustomization.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

resources:
- ../../base/batch/cronjobs/service-catalog-k8s-plugin
- ../../base/core/namespaces/service-catalog-k8s-plugin
- ../../base/core/secrets/service-catalog-k8s-plugin-token
- ../../base/core/serviceaccounts/service-catalog-k8s-plugin
- ../../base/core/serviceaccounts/vault-secret-writer
- ../../base/rbac.authorization.k8s.io/clusterrolebindings/service-catalog-k8s-plugin
- ../../base/rbac.authorization.k8s.io/clusterroles/service-catalog-k8s-plugin
8 changes: 1 addition & 7 deletions cluster-scope/overlays/prod/common/kustomization.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,19 +1,12 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../../../base/batch/cronjobs/service-catalog-k8s-plugin
- ../../../base/config.openshift.io/projects/cluster
- ../../../base/core/namespaces/service-catalog-k8s-plugin
- ../../../base/core/secrets/service-catalog-k8s-plugin-token
- ../../../base/core/serviceaccounts/service-catalog-k8s-plugin
- ../../../base/core/serviceaccounts/schemastore-ci
- ../../../base/core/serviceaccounts/vault-secret-writer
- ../../../base/rbac.authorization.k8s.io/clusterrolebindings/cluster-admins-rb
- ../../../base/rbac.authorization.k8s.io/clusterrolebindings/self-provisioners
- ../../../base/rbac.authorization.k8s.io/clusterrolebindings/sre
- ../../../base/rbac.authorization.k8s.io/clusterrolebindings/service-catalog-k8s-plugin
- ../../../base/rbac.authorization.k8s.io/clusterroles/events-aggregate-to-edit
- ../../../base/rbac.authorization.k8s.io/clusterroles/service-catalog-k8s-plugin
- ../../../base/user.openshift.io/groups/adoptium
- ../../../base/user.openshift.io/groups/ai-services
- ../../../base/user.openshift.io/groups/aiops-tools-workshop-admins
Expand Down Expand Up @@ -95,3 +88,4 @@ resources:
- ../../../base/user.openshift.io/groups/varangian
- ../../../base/user.openshift.io/groups/workshops
- ../../../bundles/opf-monitoring
- ../../../bundles/service-catalog-k8s-plugin

0 comments on commit e9bf61f

Please sign in to comment.