Comments (5)
Thanks @sirajyasin ! A couple thoughts on how to approach it:
-
make this line conditional, based on an input/override to AIAP: https://github.com/airshipit/airshipctl/blob/master/tools/airship-in-a-pod/runner/assets/entrypoint.sh#L77
This^ is because we still want to regenerate/show secrets in our gates, but when we're testing an integration that uses real-life credentials in the manifests, we want to neither regenerate nor show! -
provide the decryption key to AIAP via a
kind: Secret
. The base kustomization could define the contents of this to include the mozilla key, and there could be a placeholder and/or documentation on how to kustomize a real key on top of it -
add documentation on how to use a custom key to the AIAP README
-
(probably outside the scope of this issue, & should be a follow-on) it would be great to leverage #2 to mount in azure key vault-hosted keys, perhaps using this feature: https://docs.microsoft.com/en-us/azure/aks/csi-secrets-store-driver
from airshipctl.
I can work on this issue if no one has started yet. Can someone assign this issue to me ?
from airshipctl.
All yours @sirajyasin
from airshipctl.
This Issue can be marked completed/Closed. Both the related PSs are merged now.
from airshipctl.
closing per merge
from airshipctl.
Related Issues (20)
- Support multiple versions of clusterctl HOT 5
- AIAP: Document the requirements for the infrastructure builder image HOT 4
- AIAP: Create a multi-node `infra-builder` image HOT 3
- AIAP: Using the `.git` suffix on repository names causes runner pod failure HOT 2
- Provide Calico CNI IPv4/v6/Dual Stack Support in Airshipctl HOT 2
- AIAP : Support for DualStack IPv6 HOT 2
- Install latest docker version within build_gate.sh script HOT 1
- Enable extraction of target/workload cluster artifacts HOT 3
- AIAP: Shift gates to use AIAP HOT 3
- AIAP: Documentation redirect HOT 3
- source|target version replacement for qcow_bundle is missing. HOT 4
- AIAP : Add support for IPV6 infra to test Airship-in-a-pod in Zuul Gates HOT 2
- 10_build_gate.sh fails to locate ensure-docker ansible role HOT 3
- `make manifests` target doesn't work HOT 1
- Create zuul job which performs make generate/make manifests HOT 1
- Develop new kubeconfig workflow HOT 2
- Allow to resume phase plan execution from a certain phase HOT 2
- Fail to create kubeval-validator image. HOT 2
- namespace-v1.json is missing when running "airshipctl plan validate deploy-gating" HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from airshipctl.