helm: insert openstack secret for ccm (#2897)

This commit is contained in:
Malte Poll 2024-02-09 11:14:44 +01:00 committed by GitHub
parent a89133ae81
commit 5b73d48bdd
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 28 additions and 0 deletions

View File

@ -505,6 +505,7 @@ go_test(
"//internal/cloud/azureshared",
"//internal/cloud/cloudprovider",
"//internal/cloud/gcpshared",
"//internal/cloud/openstack",
"//internal/compatibility",
"//internal/config",
"//internal/constellation/state",

View File

@ -27,6 +27,7 @@ import (
"github.com/edgelesssys/constellation/v2/internal/cloud/azureshared"
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
"github.com/edgelesssys/constellation/v2/internal/cloud/gcpshared"
"github.com/edgelesssys/constellation/v2/internal/cloud/openstack"
"github.com/edgelesssys/constellation/v2/internal/config"
"github.com/edgelesssys/constellation/v2/internal/constellation/state"
"github.com/edgelesssys/constellation/v2/internal/kms/uri"
@ -58,6 +59,18 @@ func fakeServiceAccURI(provider cloudprovider.Provider) string {
UamiResourceID: "uid",
}
return creds.ToCloudServiceAccountURI()
case cloudprovider.OpenStack:
creds := openstack.AccountKey{
AuthURL: "authURL",
Username: "username",
Password: "password",
ProjectID: "projectID",
ProjectName: "projectName",
UserDomainName: "userDomainName",
ProjectDomainName: "projectDomainName",
RegionName: "regionName",
}
return creds.ToCloudServiceAccountURI()
default:
return ""
}

View File

@ -97,9 +97,23 @@ func extraConstellationServicesValues(
}
switch csp {
case cloudprovider.OpenStack:
creds, err := openstack.AccountKeyFromURI(serviceAccURI)
if err != nil {
return nil, err
}
credsIni := creds.CloudINI().FullConfiguration()
if openStackCfg == nil {
return nil, fmt.Errorf("no OpenStack config")
}
extraVals["ccm"] = map[string]any{
"OpenStack": map[string]any{
"secretData": credsIni,
},
}
yawolIni := creds.CloudINI().YawolConfiguration()
extraVals["yawol-config"] = map[string]any{
"secretData": yawolIni,
}
extraVals["openstack"] = map[string]any{
"deployYawolLoadBalancer": openStackCfg.DeployYawolLoadBalancer != nil && *openStackCfg.DeployYawolLoadBalancer,
}