airship/promenade
Code Issues Proposed changes

Migrate to DH-managed config files

Browse Source 
Use the Deckhand engine module directly to manage local configuration
files during CLI usage.

Note: not doing document validation as DH currently requires schemas to
be sourced from the database. Simple schema validation in place.

- Layering/substitution
- Schema validation based on DataSchema documents in payload
- Add deckhand to requirements

A few tooling updates

- concatenate test & schema yaml files into a single file to avoid name
  conflicts
- make nginx directory in build-scripts stage

Change-Id: I2d56244f01c58052f14331bc09fd5843d4c95292
This commit is contained in:
Scott Hussey 2018-01-12 16:43:20 -06:00 committed by Mark Burnett
parent ac8594d69e
commit 7917237ae0
20 changed files with 406 additions and 280 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
examples/basic/Docker.yaml
View File

@ -6,6 +6,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
config: config:
insecure-registries: insecure-registries:

1
examples/basic/Kubelet.yaml
View File

@ -6,6 +6,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
arguments: arguments:
- --cni-bin-dir=/opt/cni/bin - --cni-bin-dir=/opt/cni/bin

1
examples/basic/KubernetesNetwork.yaml
View File

@ -6,6 +6,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
dns: dns:
cluster_domain: cluster.local cluster_domain: cluster.local

252
examples/basic/armada-resources.yaml
View File

@ -124,23 +124,23 @@ metadata:
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: kubernetes name: kubernetes
path: $ path: .
dest: dest:
path: '$.values.secrets.tls.ca' path: '.values.secrets.tls.ca'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: proxy name: proxy
path: $ path: .
dest: dest:
path: '$.values.secrets.tls.cert' path: '.values.secrets.tls.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: proxy name: proxy
path: $ path: .
dest: dest:
path: '$.values.secrets.tls.key' path: '.values.secrets.tls.key'
data: data:
chart_name: proxy chart_name: proxy
release: kubernetes-proxy release: kubernetes-proxy
@ -180,147 +180,147 @@ metadata:
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: calico-etcd name: calico-etcd
path: $ path: .
dest: dest:
path: '$.values.secrets.tls.client.ca' path: '.values.secrets.tls.client.ca'
- -
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: calico-etcd-peer name: calico-etcd-peer
path: $ path: .
dest: dest:
path: '$.values.secrets.tls.peer.ca' path: '.values.secrets.tls.peer.ca'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: calico-etcd-anchor name: calico-etcd-anchor
path: $ path: .
dest: dest:
path: '$.values.secrets.anchor.tls.cert' path: '.values.secrets.anchor.tls.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: calico-etcd-anchor name: calico-etcd-anchor
path: $ path: .
dest: dest:
path: '$.values.secrets.anchor.tls.key' path: '.values.secrets.anchor.tls.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: calico-etcd-n0 name: calico-etcd-n0
path: $ path: .
dest: dest:
path: '$.values.nodes[0].tls.client.cert' path: '.values.nodes[0].tls.client.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: calico-etcd-n0 name: calico-etcd-n0
path: $ path: .
dest: dest:
path: '$.values.nodes[0].tls.client.key' path: '.values.nodes[0].tls.client.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: calico-etcd-n0-peer name: calico-etcd-n0-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[0].tls.peer.cert' path: '.values.nodes[0].tls.peer.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: calico-etcd-n0-peer name: calico-etcd-n0-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[0].tls.peer.key' path: '.values.nodes[0].tls.peer.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: calico-etcd-n1 name: calico-etcd-n1
path: $ path: .
dest: dest:
path: '$.values.nodes[1].tls.client.cert' path: '.values.nodes[1].tls.client.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: calico-etcd-n1 name: calico-etcd-n1
path: $ path: .
dest: dest:
path: '$.values.nodes[1].tls.client.key' path: '.values.nodes[1].tls.client.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: calico-etcd-n1-peer name: calico-etcd-n1-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[1].tls.peer.cert' path: '.values.nodes[1].tls.peer.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: calico-etcd-n1-peer name: calico-etcd-n1-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[1].tls.peer.key' path: '.values.nodes[1].tls.peer.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: calico-etcd-n2 name: calico-etcd-n2
path: $ path: .
dest: dest:
path: '$.values.nodes[2].tls.client.cert' path: '.values.nodes[2].tls.client.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: calico-etcd-n2 name: calico-etcd-n2
path: $ path: .
dest: dest:
path: '$.values.nodes[2].tls.client.key' path: '.values.nodes[2].tls.client.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: calico-etcd-n2-peer name: calico-etcd-n2-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[2].tls.peer.cert' path: '.values.nodes[2].tls.peer.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: calico-etcd-n2-peer name: calico-etcd-n2-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[2].tls.peer.key' path: '.values.nodes[2].tls.peer.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: calico-etcd-n3 name: calico-etcd-n3
path: $ path: .
dest: dest:
path: '$.values.nodes[3].tls.client.cert' path: '.values.nodes[3].tls.client.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: calico-etcd-n3 name: calico-etcd-n3
path: $ path: .
dest: dest:
path: '$.values.nodes[3].tls.client.key' path: '.values.nodes[3].tls.client.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: calico-etcd-n3-peer name: calico-etcd-n3-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[3].tls.peer.cert' path: '.values.nodes[3].tls.peer.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: calico-etcd-n3-peer name: calico-etcd-n3-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[3].tls.peer.key' path: '.values.nodes[3].tls.peer.key'
data: data:
chart_name: etcd chart_name: etcd
@ -424,23 +424,23 @@ metadata:
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: calico-etcd name: calico-etcd
path: $ path: .
dest: dest:
path: '$.values.etcd.tls.ca' path: '.values.etcd.tls.ca'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: calico-node name: calico-node
path: $ path: .
dest: dest:
path: '$.values.etcd.tls.cert' path: '.values.etcd.tls.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: calico-node name: calico-node
path: $ path: .
dest: dest:
path: '$.values.etcd.tls.key' path: '.values.etcd.tls.key'
data: data:
chart_name: calico chart_name: calico
release: calico release: calico
@ -487,23 +487,23 @@ metadata:
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: kubernetes name: kubernetes
path: $ path: .
dest: dest:
path: '$.values.tls.ca' path: '.values.tls.ca'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: coredns name: coredns
path: $ path: .
dest: dest:
path: '$.values.tls.cert' path: '.values.tls.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: coredns name: coredns
path: $ path: .
dest: dest:
path: '$.values.tls.key' path: '.values.tls.key'
data: data:
chart_name: coredns chart_name: coredns
release: coredns release: coredns
@ -567,52 +567,52 @@ metadata:
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: kubernetes name: kubernetes
path: $ path: .
dest: dest:
path: $.values.secrets.tls.ca path: .values.secrets.tls.ca
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: apiserver name: apiserver
path: $ path: .
dest: dest:
path: $.values.secrets.tls.cert path: .values.secrets.tls.cert
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: apiserver name: apiserver
path: $ path: .
dest: dest:
path: $.values.secrets.tls.key path: .values.secrets.tls.key
- -
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: kubernetes-etcd name: kubernetes-etcd
path: $ path: .
dest: dest:
path: $.values.secrets.etcd.tls.ca path: .values.secrets.etcd.tls.ca
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: apiserver-etcd name: apiserver-etcd
path: $ path: .
dest: dest:
path: $.values.secrets.etcd.tls.cert path: .values.secrets.etcd.tls.cert
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: apiserver-etcd name: apiserver-etcd
path: $ path: .
dest: dest:
path: $.values.secrets.etcd.tls.key path: .values.secrets.etcd.tls.key
- -
src: src:
schema: deckhand/PublicKey/v1 schema: deckhand/PublicKey/v1
name: service-account name: service-account
path: $ path: .
dest: dest:
path: $.values.secrets.service_account.public_key path: .values.secrets.service_account.public_key
data: data:
chart_name: apiserver chart_name: apiserver
@ -668,31 +668,31 @@ metadata:
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: kubernetes name: kubernetes
path: $ path: .
dest: dest:
path: $.values.secrets.tls.ca path: .values.secrets.tls.ca
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: controller-manager name: controller-manager
path: $ path: .
dest: dest:
path: $.values.secrets.tls.cert path: .values.secrets.tls.cert
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: controller-manager name: controller-manager
path: $ path: .
dest: dest:
path: $.values.secrets.tls.key path: .values.secrets.tls.key
- -
src: src:
schema: deckhand/PrivateKey/v1 schema: deckhand/PrivateKey/v1
name: service-account name: service-account
path: $ path: .
dest: dest:
path: $.values.secrets.service_account.private_key path: .values.secrets.service_account.private_key
data: data:
chart_name: controller_manager chart_name: controller_manager
@ -740,23 +740,23 @@ metadata:
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: kubernetes name: kubernetes
path: $ path: .
dest: dest:
path: $.values.secrets.tls.ca path: .values.secrets.tls.ca
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: scheduler name: scheduler
path: $ path: .
dest: dest:
path: $.values.secrets.tls.cert path: .values.secrets.tls.cert
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: scheduler name: scheduler
path: $ path: .
dest: dest:
path: $.values.secrets.tls.key path: .values.secrets.tls.key
data: data:
chart_name: scheduler chart_name: scheduler
@ -802,147 +802,147 @@ metadata:
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: kubernetes-etcd name: kubernetes-etcd
path: $ path: .
dest: dest:
path: '$.values.secrets.tls.client.ca' path: '.values.secrets.tls.client.ca'
- -
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: kubernetes-etcd-peer name: kubernetes-etcd-peer
path: $ path: .
dest: dest:
path: '$.values.secrets.tls.peer.ca' path: '.values.secrets.tls.peer.ca'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: kubernetes-etcd-anchor name: kubernetes-etcd-anchor
path: $ path: .
dest: dest:
path: '$.values.secrets.anchor.tls.cert' path: '.values.secrets.anchor.tls.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-anchor name: kubernetes-etcd-anchor
path: $ path: .
dest: dest:
path: '$.values.secrets.anchor.tls.key' path: '.values.secrets.anchor.tls.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: kubernetes-etcd-n0 name: kubernetes-etcd-n0
path: $ path: .
dest: dest:
path: '$.values.nodes[0].tls.client.cert' path: '.values.nodes[0].tls.client.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n0 name: kubernetes-etcd-n0
path: $ path: .
dest: dest:
path: '$.values.nodes[0].tls.client.key' path: '.values.nodes[0].tls.client.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: kubernetes-etcd-n0-peer name: kubernetes-etcd-n0-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[0].tls.peer.cert' path: '.values.nodes[0].tls.peer.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n0-peer name: kubernetes-etcd-n0-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[0].tls.peer.key' path: '.values.nodes[0].tls.peer.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: kubernetes-etcd-n1 name: kubernetes-etcd-n1
path: $ path: .
dest: dest:
path: '$.values.nodes[1].tls.client.cert' path: '.values.nodes[1].tls.client.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n1 name: kubernetes-etcd-n1
path: $ path: .
dest: dest:
path: '$.values.nodes[1].tls.client.key' path: '.values.nodes[1].tls.client.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: kubernetes-etcd-n1-peer name: kubernetes-etcd-n1-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[1].tls.peer.cert' path: '.values.nodes[1].tls.peer.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n1-peer name: kubernetes-etcd-n1-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[1].tls.peer.key' path: '.values.nodes[1].tls.peer.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: kubernetes-etcd-n2 name: kubernetes-etcd-n2
path: $ path: .
dest: dest:
path: '$.values.nodes[2].tls.client.cert' path: '.values.nodes[2].tls.client.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n2 name: kubernetes-etcd-n2
path: $ path: .
dest: dest:
path: '$.values.nodes[2].tls.client.key' path: '.values.nodes[2].tls.client.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: kubernetes-etcd-n2-peer name: kubernetes-etcd-n2-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[2].tls.peer.cert' path: '.values.nodes[2].tls.peer.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n2-peer name: kubernetes-etcd-n2-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[2].tls.peer.key' path: '.values.nodes[2].tls.peer.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: kubernetes-etcd-n3 name: kubernetes-etcd-n3
path: $ path: .
dest: dest:
path: '$.values.nodes[3].tls.client.cert' path: '.values.nodes[3].tls.client.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n3 name: kubernetes-etcd-n3
path: $ path: .
dest: dest:
path: '$.values.nodes[3].tls.client.key' path: '.values.nodes[3].tls.client.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: kubernetes-etcd-n3-peer name: kubernetes-etcd-n3-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[3].tls.peer.cert' path: '.values.nodes[3].tls.peer.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n3-peer name: kubernetes-etcd-n3-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[3].tls.peer.key' path: '.values.nodes[3].tls.peer.key'
data: data:
chart_name: etcd chart_name: etcd

1
examples/complete/Docker.yaml
View File

@ -6,7 +6,6 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
config: config:
insecure-registries: insecure-registries:

1
examples/complete/Kubelet.yaml
View File

@ -6,7 +6,6 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
arguments: arguments:
- --cni-bin-dir=/opt/cni/bin - --cni-bin-dir=/opt/cni/bin

1
examples/complete/KubernetesNetwork.yaml
View File

@ -6,7 +6,6 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
dns: dns:
cluster_domain: cluster.local cluster_domain: cluster.local

252
examples/complete/armada-resources.yaml
View File

@ -168,23 +168,23 @@ metadata:
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: kubernetes name: kubernetes
path: $ path: .
dest: dest:
path: '$.values.secrets.tls.ca' path: '.values.secrets.tls.ca'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: proxy name: proxy
path: $ path: .
dest: dest:
path: '$.values.secrets.tls.cert' path: '.values.secrets.tls.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: proxy name: proxy
path: $ path: .
dest: dest:
path: '$.values.secrets.tls.key' path: '.values.secrets.tls.key'
data: data:
chart_name: proxy chart_name: proxy
release: kubernetes-proxy release: kubernetes-proxy
@ -225,147 +225,147 @@ metadata:
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: calico-etcd name: calico-etcd
path: $ path: .
dest: dest:
path: '$.values.secrets.tls.client.ca' path: '.values.secrets.tls.client.ca'
- -
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: calico-etcd-peer name: calico-etcd-peer
path: $ path: .
dest: dest:
path: '$.values.secrets.tls.peer.ca' path: '.values.secrets.tls.peer.ca'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: calico-etcd-anchor name: calico-etcd-anchor
path: $ path: .
dest: dest:
path: '$.values.secrets.anchor.tls.cert' path: '.values.secrets.anchor.tls.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: calico-etcd-anchor name: calico-etcd-anchor
path: $ path: .
dest: dest:
path: '$.values.secrets.anchor.tls.key' path: '.values.secrets.anchor.tls.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: calico-etcd-n0 name: calico-etcd-n0
path: $ path: .
dest: dest:
path: '$.values.nodes[0].tls.client.cert' path: '.values.nodes[0].tls.client.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: calico-etcd-n0 name: calico-etcd-n0
path: $ path: .
dest: dest:
path: '$.values.nodes[0].tls.client.key' path: '.values.nodes[0].tls.client.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: calico-etcd-n0-peer name: calico-etcd-n0-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[0].tls.peer.cert' path: '.values.nodes[0].tls.peer.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: calico-etcd-n0-peer name: calico-etcd-n0-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[0].tls.peer.key' path: '.values.nodes[0].tls.peer.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: calico-etcd-n1 name: calico-etcd-n1
path: $ path: .
dest: dest:
path: '$.values.nodes[1].tls.client.cert' path: '.values.nodes[1].tls.client.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: calico-etcd-n1 name: calico-etcd-n1
path: $ path: .
dest: dest:
path: '$.values.nodes[1].tls.client.key' path: '.values.nodes[1].tls.client.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: calico-etcd-n1-peer name: calico-etcd-n1-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[1].tls.peer.cert' path: '.values.nodes[1].tls.peer.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: calico-etcd-n1-peer name: calico-etcd-n1-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[1].tls.peer.key' path: '.values.nodes[1].tls.peer.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: calico-etcd-n2 name: calico-etcd-n2
path: $ path: .
dest: dest:
path: '$.values.nodes[2].tls.client.cert' path: '.values.nodes[2].tls.client.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: calico-etcd-n2 name: calico-etcd-n2
path: $ path: .
dest: dest:
path: '$.values.nodes[2].tls.client.key' path: '.values.nodes[2].tls.client.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: calico-etcd-n2-peer name: calico-etcd-n2-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[2].tls.peer.cert' path: '.values.nodes[2].tls.peer.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: calico-etcd-n2-peer name: calico-etcd-n2-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[2].tls.peer.key' path: '.values.nodes[2].tls.peer.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: calico-etcd-n3 name: calico-etcd-n3
path: $ path: .
dest: dest:
path: '$.values.nodes[3].tls.client.cert' path: '.values.nodes[3].tls.client.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: calico-etcd-n3 name: calico-etcd-n3
path: $ path: .
dest: dest:
path: '$.values.nodes[3].tls.client.key' path: '.values.nodes[3].tls.client.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: calico-etcd-n3-peer name: calico-etcd-n3-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[3].tls.peer.cert' path: '.values.nodes[3].tls.peer.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: calico-etcd-n3-peer name: calico-etcd-n3-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[3].tls.peer.key' path: '.values.nodes[3].tls.peer.key'
data: data:
chart_name: etcd chart_name: etcd
@ -470,23 +470,23 @@ metadata:
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: calico-etcd name: calico-etcd
path: $ path: .
dest: dest:
path: '$.values.etcd.tls.ca' path: '.values.etcd.tls.ca'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: calico-node name: calico-node
path: $ path: .
dest: dest:
path: '$.values.etcd.tls.cert' path: '.values.etcd.tls.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: calico-node name: calico-node
path: $ path: .
dest: dest:
path: '$.values.etcd.tls.key' path: '.values.etcd.tls.key'
data: data:
chart_name: calico chart_name: calico
release: calico release: calico
@ -534,23 +534,23 @@ metadata:
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: kubernetes name: kubernetes
path: $ path: .
dest: dest:
path: '$.values.tls.ca' path: '.values.tls.ca'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: coredns name: coredns
path: $ path: .
dest: dest:
path: '$.values.tls.cert' path: '.values.tls.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: coredns name: coredns
path: $ path: .
dest: dest:
path: '$.values.tls.key' path: '.values.tls.key'
data: data:
chart_name: coredns chart_name: coredns
release: coredns release: coredns
@ -614,52 +614,52 @@ metadata:
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: kubernetes name: kubernetes
path: $ path: .
dest: dest:
path: $.values.secrets.tls.ca path: .values.secrets.tls.ca
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: apiserver name: apiserver
path: $ path: .
dest: dest:
path: $.values.secrets.tls.cert path: .values.secrets.tls.cert
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: apiserver name: apiserver
path: $ path: .
dest: dest:
path: $.values.secrets.tls.key path: .values.secrets.tls.key
- -
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: kubernetes-etcd name: kubernetes-etcd
path: $ path: .
dest: dest:
path: $.values.secrets.etcd.tls.ca path: .values.secrets.etcd.tls.ca
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: apiserver-etcd name: apiserver-etcd
path: $ path: .
dest: dest:
path: $.values.secrets.etcd.tls.cert path: .values.secrets.etcd.tls.cert
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: apiserver-etcd name: apiserver-etcd
path: $ path: .
dest: dest:
path: $.values.secrets.etcd.tls.key path: .values.secrets.etcd.tls.key
- -
src: src:
schema: deckhand/PublicKey/v1 schema: deckhand/PublicKey/v1
name: service-account name: service-account
path: $ path: .
dest: dest:
path: $.values.secrets.service_account.public_key path: .values.secrets.service_account.public_key
data: data:
chart_name: apiserver chart_name: apiserver
@ -715,31 +715,31 @@ metadata:
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: kubernetes name: kubernetes
path: $ path: .
dest: dest:
path: $.values.secrets.tls.ca path: .values.secrets.tls.ca
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: controller-manager name: controller-manager
path: $ path: .
dest: dest:
path: $.values.secrets.tls.cert path: .values.secrets.tls.cert
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: controller-manager name: controller-manager
path: $ path: .
dest: dest:
path: $.values.secrets.tls.key path: .values.secrets.tls.key
- -
src: src:
schema: deckhand/PrivateKey/v1 schema: deckhand/PrivateKey/v1
name: service-account name: service-account
path: $ path: .
dest: dest:
path: $.values.secrets.service_account.private_key path: .values.secrets.service_account.private_key
data: data:
chart_name: controller_manager chart_name: controller_manager
@ -787,23 +787,23 @@ metadata:
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: kubernetes name: kubernetes
path: $ path: .
dest: dest:
path: $.values.secrets.tls.ca path: .values.secrets.tls.ca
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: scheduler name: scheduler
path: $ path: .
dest: dest:
path: $.values.secrets.tls.cert path: .values.secrets.tls.cert
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: scheduler name: scheduler
path: $ path: .
dest: dest:
path: $.values.secrets.tls.key path: .values.secrets.tls.key
data: data:
chart_name: scheduler chart_name: scheduler
@ -849,147 +849,147 @@ metadata:
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: kubernetes-etcd name: kubernetes-etcd
path: $ path: .
dest: dest:
path: '$.values.secrets.tls.client.ca' path: '.values.secrets.tls.client.ca'
- -
src: src:
schema: deckhand/CertificateAuthority/v1 schema: deckhand/CertificateAuthority/v1
name: kubernetes-etcd-peer name: kubernetes-etcd-peer
path: $ path: .
dest: dest:
path: '$.values.secrets.tls.peer.ca' path: '.values.secrets.tls.peer.ca'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: kubernetes-etcd-anchor name: kubernetes-etcd-anchor
path: $ path: .
dest: dest:
path: '$.values.secrets.anchor.tls.cert' path: '.values.secrets.anchor.tls.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-anchor name: kubernetes-etcd-anchor
path: $ path: .
dest: dest:
path: '$.values.secrets.anchor.tls.key' path: '.values.secrets.anchor.tls.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: kubernetes-etcd-n0 name: kubernetes-etcd-n0
path: $ path: .
dest: dest:
path: '$.values.nodes[0].tls.client.cert' path: '.values.nodes[0].tls.client.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n0 name: kubernetes-etcd-n0
path: $ path: .
dest: dest:
path: '$.values.nodes[0].tls.client.key' path: '.values.nodes[0].tls.client.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: kubernetes-etcd-n0-peer name: kubernetes-etcd-n0-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[0].tls.peer.cert' path: '.values.nodes[0].tls.peer.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n0-peer name: kubernetes-etcd-n0-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[0].tls.peer.key' path: '.values.nodes[0].tls.peer.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: kubernetes-etcd-n1 name: kubernetes-etcd-n1
path: $ path: .
dest: dest:
path: '$.values.nodes[1].tls.client.cert' path: '.values.nodes[1].tls.client.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n1 name: kubernetes-etcd-n1
path: $ path: .
dest: dest:
path: '$.values.nodes[1].tls.client.key' path: '.values.nodes[1].tls.client.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: kubernetes-etcd-n1-peer name: kubernetes-etcd-n1-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[1].tls.peer.cert' path: '.values.nodes[1].tls.peer.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n1-peer name: kubernetes-etcd-n1-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[1].tls.peer.key' path: '.values.nodes[1].tls.peer.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: kubernetes-etcd-n2 name: kubernetes-etcd-n2
path: $ path: .
dest: dest:
path: '$.values.nodes[2].tls.client.cert' path: '.values.nodes[2].tls.client.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n2 name: kubernetes-etcd-n2
path: $ path: .
dest: dest:
path: '$.values.nodes[2].tls.client.key' path: '.values.nodes[2].tls.client.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: kubernetes-etcd-n2-peer name: kubernetes-etcd-n2-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[2].tls.peer.cert' path: '.values.nodes[2].tls.peer.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n2-peer name: kubernetes-etcd-n2-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[2].tls.peer.key' path: '.values.nodes[2].tls.peer.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: kubernetes-etcd-n3 name: kubernetes-etcd-n3
path: $ path: .
dest: dest:
path: '$.values.nodes[3].tls.client.cert' path: '.values.nodes[3].tls.client.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n3 name: kubernetes-etcd-n3
path: $ path: .
dest: dest:
path: '$.values.nodes[3].tls.client.key' path: '.values.nodes[3].tls.client.key'
- -
src: src:
schema: deckhand/Certificate/v1 schema: deckhand/Certificate/v1
name: kubernetes-etcd-n3-peer name: kubernetes-etcd-n3-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[3].tls.peer.cert' path: '.values.nodes[3].tls.peer.cert'
- -
src: src:
schema: deckhand/CertificateKey/v1 schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n3-peer name: kubernetes-etcd-n3-peer
path: $ path: .
dest: dest:
path: '$.values.nodes[3].tls.peer.key' path: '.values.nodes[3].tls.peer.key'
data: data:
chart_name: etcd chart_name: etcd

2
promenade/builder.py
View File

@ -112,8 +112,10 @@ class Builder:
def _fetch_tar_content(*, url, path): def _fetch_tar_content(*, url, path):
LOG.debug('Fetching url=%s (tar path=%s)', url, path)
response = requests.get(url) response = requests.get(url)
response.raise_for_status() response.raise_for_status()
LOG.debug('Finished downloading url=%s (tar path=%s)', url, path)
f = io.BytesIO(response.content) f = io.BytesIO(response.content)
tf = tarfile.open(fileobj=f, mode='r') tf = tarfile.open(fileobj=f, mode='r')
buf_reader = tf.extractfile(path) buf_reader = tf.extractfile(path)

5
promenade/cli.py
View File

@ -56,7 +56,10 @@ def genereate_certs(*, calico_etcd_service_ip, config_files, output_dir):
debug = _debug() debug = _debug()
try: try:
c = config.Configuration.from_streams( c = config.Configuration.from_streams(
debug=debug, streams=config_files, substitute=False) debug=debug,
streams=config_files,
substitute=False,
validate=False)
g = generator.Generator( g = generator.Generator(
c, calico_etcd_service_ip=calico_etcd_service_ip) c, calico_etcd_service_ip=calico_etcd_service_ip)
g.generate(output_dir) g.generate(output_dir)

41
promenade/config.py
View File

@ -5,15 +5,32 @@ import jinja2
import jsonpath_ng import jsonpath_ng
import yaml import yaml
from deckhand.engine import layering
__all__ = ['Configuration'] __all__ = ['Configuration']
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
class Configuration: class Configuration:
def __init__(self, *, documents, debug=False, substitute=True): def __init__(self,
*,
documents,
debug=False,
substitute=True,
validate=True):
LOG.info("Parsing document schemas.")
schema_set = validation.load_schemas_from_docs(documents)
LOG.info("Parsed %d document schemas." % len(schema_set))
LOG.info("Building config from %d documents." % len(documents))
if substitute: if substitute:
documents = _substitute(documents) LOG.info("Rendering documents via Deckhand engine.")
deckhand_eng = layering.DocumentLayering(
documents, substitution_sources=documents)
documents = [dict(d) for d in deckhand_eng.render()]
LOG.info("Deckhand engine returned %d documents." % len(documents))
if validate:
validation.check_schemas(documents, schemas=schema_set)
self.debug = debug self.debug = debug
self.documents = documents self.documents = documents
@ -25,20 +42,18 @@ class Configuration:
if stream_name is not None: if stream_name is not None:
LOG.info('Loading documents from %s', stream_name) LOG.info('Loading documents from %s', stream_name)
stream_documents = list(yaml.safe_load_all(stream)) stream_documents = list(yaml.safe_load_all(stream))
validation.check_schemas(stream_documents)
if stream_name is not None: if stream_name is not None:
LOG.info('Successfully validated documents from %s', LOG.info('Successfully loaded %d documents from %s',
stream_name) len(stream_documents), stream_name)
documents.extend(stream_documents) documents.extend(stream_documents)
return cls(documents=documents, **kwargs) return cls(documents=documents, **kwargs)
@classmethod @classmethod
def from_design_ref(cls, design_ref): def from_design_ref(cls, design_ref, **kwargs):
documents = get_documents(design_ref) documents = get_documents(design_ref)
validation.check_schemas(documents)
return cls(documents=documents) return cls(documents=documents, **kwargs)
def __getitem__(self, path): def __getitem__(self, path):
value = self.get_path(path) value = self.get_path(path)
@ -86,7 +101,10 @@ class Configuration:
LOG.debug('Excluding schema=%s metadata.name=%s', LOG.debug('Excluding schema=%s metadata.name=%s',
document['schema'], _mg(document, 'name')) document['schema'], _mg(document, 'name'))
return Configuration( return Configuration(
debug=self.debug, documents=documents, substitute=False) debug=self.debug,
documents=documents,
substitute=False,
validate=False)
def extract_node_config(self, name): def extract_node_config(self, name):
LOG.debug('Extracting node config for %s.', name) LOG.debug('Extracting node config for %s.', name)
@ -105,7 +123,10 @@ class Configuration:
else: else:
documents.append(document) documents.append(document)
return Configuration( return Configuration(
debug=self.debug, documents=documents, substitute=False) debug=self.debug,
documents=documents,
substitute=False,
validate=False)
@property @property
def kubelet_name(self): def kubelet_name(self):

5
promenade/logging.py
View File

@ -34,6 +34,11 @@ DEFAULT_CONFIG = {
}, },
}, },
'loggers': { 'loggers': {
'deckhand': {
'handlers': ['default'],
'level': 'INFO',
'propagate': False,
},
'promenade': { 'promenade': {
'handlers': ['default'], 'handlers': ['default'],
'level': 'INFO', 'level': 'INFO',

35
promenade/validation.py
View File

@ -40,13 +40,15 @@ def check_design(config):
raise exceptions.ValidationException() raise exceptions.ValidationException()
def check_schemas(documents): def check_schemas(documents, schemas=None):
if not schemas:
schemas = load_schemas_from_docs(documents)
for document in documents: for document in documents:
check_schema(document) check_schema(document, schemas=schemas)
def check_schema(document): def check_schema(document, schemas=None):
if type(document) != dict: if not isinstance(document, dict):
LOG.error('Non-dictionary document passed to schema validation.') LOG.error('Non-dictionary document passed to schema validation.')
return return
@ -55,9 +57,11 @@ def check_schema(document):
LOG.debug('Validating schema for schema=%s metadata.name=%s', schema_name, LOG.debug('Validating schema for schema=%s metadata.name=%s', schema_name,
document.get('metadata', {}).get('name', '<missing>')) document.get('metadata', {}).get('name', '<missing>'))
if schema_name in SCHEMAS: schema_set = SCHEMAS if schemas is None else schemas
if schema_name in schema_set:
try: try:
jsonschema.validate(document.get('data'), SCHEMAS[schema_name]) jsonschema.validate(document.get('data'), schema_set[schema_name])
except jsonschema.ValidationError as e: except jsonschema.ValidationError as e:
raise exceptions.ValidationException(str(e)) raise exceptions.ValidationException(str(e))
else: else:
@ -67,6 +71,25 @@ def check_schema(document):
SCHEMAS = {} SCHEMAS = {}
def load_schemas_from_docs(doc_set):
'''
Fills the cache of known schemas from the document set
'''
SCHEMA_SCHEMA = "deckhand/DataSchema/v1"
schema_set = dict()
for document in doc_set:
if document.get('schema', '') == SCHEMA_SCHEMA:
name = document['metadata']['name']
LOG.debug("Found schema for %s." % name)
if name in schema_set:
raise RuntimeError('Duplicate schema specified for: %s' % name)
schema_set[name] = document['data']
return schema_set
def _load_schemas(): def _load_schemas():
''' '''
Fills the cache of known schemas Fills the cache of known schemas

1
requirements-direct.txt
View File

@ -13,3 +13,4 @@ pbr==3.0.1
pyyaml==3.12 pyyaml==3.12
requests==2.18.4 requests==2.18.4
uwsgi==2.0.15 uwsgi==2.0.15
git+https://github.com/att-comdev/deckhand.git@master#egg=deckhand

57
requirements-frozen.txt
View File

@ -1,54 +1,97 @@
alembic==0.9.6
amqp==2.2.2
Babel==2.5.1 Babel==2.5.1
cachetools==2.0.1 cachetools==2.0.1
certifi==2017.11.5 certifi==2017.11.5
chardet==3.0.4 chardet==3.0.4
click==6.7 click==6.7
cliff==2.10.0
cmd2==0.7.9
contextlib2==0.5.5
debtcollector==1.19.0 debtcollector==1.19.0
git+https://github.com/att-comdev/deckhand.git@master#egg=deckhand
decorator==4.1.2 decorator==4.1.2
dogpile.cache==0.6.4
enum-compat==0.0.2
eventlet==0.20.0
falcon==1.2.0 falcon==1.2.0
google-auth==1.2.1 fasteners==0.14.1
flake8==2.5.5
futurist==1.6.0
google-auth==1.3.0
greenlet==0.4.12
hacking==1.0.0
idna==2.6 idna==2.6
ipaddress==1.0.18 ipaddress==1.0.19
iso8601==0.1.12 iso8601==0.1.12
Jinja2==2.9.6 Jinja2==2.9.6
jsonpath-ng==1.4.3 jsonpath-ng==1.4.3
jsonschema==2.6.0 jsonschema==2.6.0
keystoneauth1==3.3.0 keystoneauth1==3.3.0
keystonemiddleware==4.17.0 keystonemiddleware==4.17.0
kombu==4.1.0
kubernetes==3.0.0 kubernetes==3.0.0
Mako==1.0.7
MarkupSafe==1.0 MarkupSafe==1.0
mccabe==0.2.1
monotonic==1.4 monotonic==1.4
msgpack-python==0.4.8 msgpack-python==0.5.1
netaddr==0.7.19 netaddr==0.7.19
netifaces==0.10.6 netifaces==0.10.6
oslo.config==5.1.0 oslo.cache==1.28.0
oslo.concurrency==3.24.0
oslo.config==5.2.0
oslo.context==2.19.2 oslo.context==2.19.2
oslo.db==4.33.0
oslo.i18n==3.19.0 oslo.i18n==3.19.0
oslo.log==3.35.0 oslo.log==3.36.0
oslo.messaging==5.35.0
oslo.middleware==3.33.0
oslo.policy==1.22.1 oslo.policy==1.22.1
oslo.serialization==2.22.0 oslo.serialization==2.23.0
oslo.utils==3.33.0 oslo.service==1.29.0
oslo.utils==3.34.0
Paste==2.0.3
PasteDeploy==1.5.2 PasteDeploy==1.5.2
pbr==3.0.1 pbr==3.0.1
pep8==1.5.7
pika==0.11.2
pika-pool==0.1.3
ply==3.10 ply==3.10
positional==1.2.1 positional==1.2.1
prettytable==0.7.2
psycopg2==2.7.3.1
pyasn1==0.4.2 pyasn1==0.4.2
pyasn1-modules==0.2.1 pyasn1-modules==0.2.1
pycadf==2.6.0 pycadf==2.6.0
pyflakes==0.8.1
pyinotify==0.9.6 pyinotify==0.9.6
pyparsing==2.2.0 pyparsing==2.2.0
pyperclip==1.6.0
python-barbicanclient==4.5.2
python-dateutil==2.6.1 python-dateutil==2.6.1
python-editor==1.0.3
python-keystoneclient==3.14.0 python-keystoneclient==3.14.0
python-memcached==1.58
python-mimeparse==1.6.0 python-mimeparse==1.6.0
pytz==2017.3 pytz==2017.3
PyYAML==3.12 PyYAML==3.12
repoze.lru==0.7
requests==2.18.4 requests==2.18.4
rfc3986==1.1.0 rfc3986==1.1.0
Routes==2.4.1
rsa==3.4.2 rsa==3.4.2
six==1.11.0 six==1.11.0
SQLAlchemy==1.2.0
sqlalchemy-migrate==0.11.0
sqlparse==0.2.4
statsd==3.2.2
stevedore==1.28.0 stevedore==1.28.0
Tempita==0.5.2
tenacity==4.8.0
urllib3==1.22 urllib3==1.22
uWSGI==2.0.15 uWSGI==2.0.15
vine==1.1.4
WebOb==1.7.4 WebOb==1.7.4
websocket-client==0.40.0 websocket-client==0.40.0
wrapt==1.10.11 wrapt==1.10.11

2
tools/g2/manifests/smoke.json
View File

@ -1,6 +1,6 @@
{ {
"configuration": [ "configuration": [
"examples/basic", "examples/complete",
"promenade/schemas" "promenade/schemas"
], ],
"stages": [ "stages": [

19
tools/gate/config-templates/bootstrap-armada-config.yaml
View File

@ -6,6 +6,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
release_prefix: ucp release_prefix: ucp
chart_groups: chart_groups:
@ -22,6 +23,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
description: Kubernetes proxy description: Kubernetes proxy
sequenced: true sequenced: true
@ -35,6 +37,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
description: Container networking via Calico description: Container networking via Calico
sequenced: true sequenced: true
@ -49,6 +52,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
description: Cluster DNS description: Cluster DNS
chart_group: chart_group:
@ -61,6 +65,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
description: UCP Services description: UCP Services
chart_group: chart_group:
@ -73,6 +78,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
description: Kubernetes components description: Kubernetes components
chart_group: chart_group:
@ -85,6 +91,10 @@ schema: armada/Chart/v1
metadata: metadata:
schema: metadata/Document/v1 schema: metadata/Document/v1
name: helm-toolkit name: helm-toolkit
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: data:
chart_name: helm-toolkit chart_name: helm-toolkit
release: helm-toolkit release: helm-toolkit
@ -107,6 +117,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
substitutions: substitutions:
- -
src: src:
@ -161,6 +172,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
substitutions: substitutions:
- -
src: src:
@ -403,6 +415,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
substitutions: substitutions:
- -
src: src:
@ -465,6 +478,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
substitutions: substitutions:
- -
src: src:
@ -542,6 +556,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
substitutions: substitutions:
- -
src: src:
@ -640,6 +655,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
substitutions: substitutions:
- -
src: src:
@ -709,6 +725,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
substitutions: substitutions:
- -
src: src:
@ -768,6 +785,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
substitutions: substitutions:
- -
src: src:
@ -968,6 +986,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
chart_name: promenade chart_name: promenade
release: promenade release: promenade

1
tools/gate/config-templates/genesis-config.yaml
View File

@ -6,6 +6,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
hostname: ${GENESIS_HOSTNAME} hostname: ${GENESIS_HOSTNAME}
ip: ${GENESIS_IP} ip: ${GENESIS_IP}

4
tools/gate/config-templates/joining-host-config.yaml
View File

@ -6,6 +6,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
hostname: ${GENESIS_HOSTNAME} hostname: ${GENESIS_HOSTNAME}
ip: ${GENESIS_IP} ip: ${GENESIS_IP}
@ -34,6 +35,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
hostname: ${MASTER1_HOSTNAME} hostname: ${MASTER1_HOSTNAME}
ip: ${MASTER1_IP} ip: ${MASTER1_IP}
@ -62,6 +64,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
hostname: ${MASTER2_HOSTNAME} hostname: ${MASTER2_HOSTNAME}
ip: ${MASTER2_IP} ip: ${MASTER2_IP}
@ -90,6 +93,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
hostname: ${WORKER_HOSTNAME} hostname: ${WORKER_HOSTNAME}
ip: ${WORKER_IP} ip: ${WORKER_IP}

4
tools/gate/config-templates/site-config.yaml
View File

@ -6,6 +6,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
dns: dns:
cluster_domain: cluster.local cluster_domain: cluster.local
@ -34,6 +35,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
config: config:
insecure-registries: insecure-registries:
@ -50,6 +52,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
files: files:
- path: /opt/kubernetes/bin/kubelet - path: /opt/kubernetes/bin/kubelet
@ -109,6 +112,7 @@ metadata:
layeringDefinition: layeringDefinition:
abstract: false abstract: false
layer: site layer: site
storagePolicy: cleartext
data: data:
arguments: arguments:
- --cni-bin-dir=/opt/cni/bin - --cni-bin-dir=/opt/cni/bin