Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity

helm: insert openstack secret for ccm (#2897)

Browse Source
This commit is contained in:
Malte Poll 2024-02-09 11:14:44 +01:00 committed by GitHub
parent a89133ae81
commit 5b73d48bdd
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 28 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
internal/constellation/helm/BUILD.bazel
View File

@ -505,6 +505,7 @@ go_test(
"//internal/cloud/azureshared", "//internal/cloud/azureshared",
"//internal/cloud/cloudprovider", "//internal/cloud/cloudprovider",
"//internal/cloud/gcpshared", "//internal/cloud/gcpshared",
"//internal/cloud/openstack",
"//internal/compatibility", "//internal/compatibility",
"//internal/config", "//internal/config",
"//internal/constellation/state", "//internal/constellation/state",

13
internal/constellation/helm/loader_test.go
View File

@ -27,6 +27,7 @@ import (
"github.com/edgelesssys/constellation/v2/internal/cloud/azureshared" "github.com/edgelesssys/constellation/v2/internal/cloud/azureshared"
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
"github.com/edgelesssys/constellation/v2/internal/cloud/gcpshared" "github.com/edgelesssys/constellation/v2/internal/cloud/gcpshared"
"github.com/edgelesssys/constellation/v2/internal/cloud/openstack"
"github.com/edgelesssys/constellation/v2/internal/config" "github.com/edgelesssys/constellation/v2/internal/config"
"github.com/edgelesssys/constellation/v2/internal/constellation/state" "github.com/edgelesssys/constellation/v2/internal/constellation/state"
"github.com/edgelesssys/constellation/v2/internal/kms/uri" "github.com/edgelesssys/constellation/v2/internal/kms/uri"
@ -58,6 +59,18 @@ func fakeServiceAccURI(provider cloudprovider.Provider) string {
UamiResourceID: "uid", UamiResourceID: "uid",
} }
return creds.ToCloudServiceAccountURI() return creds.ToCloudServiceAccountURI()
case cloudprovider.OpenStack:
creds := openstack.AccountKey{
AuthURL: "authURL",
Username: "username",
Password: "password",
ProjectID: "projectID",
ProjectName: "projectName",
UserDomainName: "userDomainName",
ProjectDomainName: "projectDomainName",
RegionName: "regionName",
}
return creds.ToCloudServiceAccountURI()
default: default:
return "" return ""
} }

14
internal/constellation/helm/overrides.go
View File

@ -97,9 +97,23 @@ func extraConstellationServicesValues(
} }
switch csp { switch csp {
case cloudprovider.OpenStack: case cloudprovider.OpenStack:
creds, err := openstack.AccountKeyFromURI(serviceAccURI)
if err != nil {
return nil, err
}
credsIni := creds.CloudINI().FullConfiguration()
if openStackCfg == nil { if openStackCfg == nil {
return nil, fmt.Errorf("no OpenStack config") return nil, fmt.Errorf("no OpenStack config")
} }
extraVals["ccm"] = map[string]any{
"OpenStack": map[string]any{
"secretData": credsIni,
},
}
yawolIni := creds.CloudINI().YawolConfiguration()
extraVals["yawol-config"] = map[string]any{
"secretData": yawolIni,
}
extraVals["openstack"] = map[string]any{ extraVals["openstack"] = map[string]any{
"deployYawolLoadBalancer": openStackCfg.DeployYawolLoadBalancer != nil && *openStackCfg.DeployYawolLoadBalancer, "deployYawolLoadBalancer": openStackCfg.DeployYawolLoadBalancer != nil && *openStackCfg.DeployYawolLoadBalancer,
} }