generated from validatedpatterns/multicloud-gitops
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvalues-hub.yaml
173 lines (152 loc) · 4.67 KB
/
values-hub.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
### WARNING ###
### Currently configured for bare metal deployment where ACM is pre-installed
clusterGroup:
name: hub
isHubCluster: true
namespaces:
- vault
- golang-external-secrets
- ack-system
- open-cluster-management
- multicluster-engine
- openshift-cnv
- cte
- cte-vm
- cluster
- ansible-automation-platform
subscriptions:
# NOT BARE METAL
# acm:
# name: advanced-cluster-management
# namespace: open-cluster-management
# channel: release-2.9
# #csv: advanced-cluster-management.v2.6.1
# s3:
# name: ack-s3-controller
# namespace: ack-system
# channel: alpha
# source: community-operators
# END NOTE BARE METAL
cte:
name: cte-k8s-operator
namespace: openshift-operators
channel: stable
source: certified-operators
# Note CNV operator is not required all the time, however, it does not carry much weight until
# HyperConverged object is deployed.
# NOT BARE METAL
# cnv:
# name: kubevirt-hyperconverged
# namespace: openshift-cnv
# channel: stable
# END NOT BARE METAL
caas:
name: cluster-aas-operator
namespace: openshift-operators
channel: alpha
source: community-operators
# This deploys the ansible automation platform operator - not the controller
# you may want to remove this if you are using an external cluster.
aap-operator:
name: ansible-automation-platform-operator
namespace: ansible-automation-platform
projects:
- local-cluster
- s3
- hypershift
- cte
- cte-vm
- test-config
- default
- cnv
- cluster
# Explicitly mention the cluster-state based overrides we plan to use for this pattern.
# We can use self-referential variables because the chart calls the tpl function with these variables defined
sharedValueFiles:
- '/overrides/values-{{ $.Values.global.clusterPlatform }}.yaml'
- '/overrides/values-hypershift.yaml'
applications:
aap:
name: ansible-automation-platform
project: local-cluster
path: charts/all/ansible-automation-platform
aap-cte-config:
name: aap-cte-config
project: cte
path: charts/all/aap-cte-config
# PRE-INSTALLED
# acm:
# name: acm
# namespace: open-cluster-management
# project: local-cluster
# path: common/acm
# ignoreDifferences:
# - group: internal.open-cluster-management.io
# kind: ManagedClusterInfo
# jsonPointers:
# - /spec/loggingCA
vault:
name: vault
namespace: vault
project: local-cluster
path: common/hashicorp-vault
golang-external-secrets:
name: golang-external-secrets
namespace: golang-external-secrets
project: local-cluster
path: common/golang-external-secrets
imperative-secrets-distributor:
name: imperative-secrets-distributor
namespace: golang-external-secrets
project: local-cluster
path: charts/all/imperative-secrets-distributor
# Not required for OCP-Vms
# s3:
# name: s3-controller
# namespace: ack-system
# project: s3
# path: charts/all/ack-s3
# PRE INSTALLED
# hypershift:
# name: hypershift
# namespace: multicluster-engine
# project: hypershift
# path: charts/all/hypershift
# END PRE-INSTALLED
cte-scc:
name: cte-scc
namespace: cte
project: cte
path: charts/all/cte-scc
# PRE-INSTALLED
# cnv:
# name: cnv
# namespace: openshift-cnv
# project: cnv
# path: charts/all/cnv
caas:
name: encrypted-clusters-aas
namespace: cluster
project: cluster
path: charts/all/encrypted-clusters-aas
# REQUIRED TO INSTALL THE CTM ON CLUSTER
# cipher-trust-manager:
# name: cipher-trust-manager
# project: cte-vm
# namespace: cte-vm
# path: charts/all/cipher-trust-manager
imperative:
# NOTE: We *must* use lists and not hashes. As hashes lose ordering once parsed by helm
# The default schedule is every 10 minutes: imperative.schedule
# Total timeout of all jobs is 1h: imperative.activeDeadlineSeconds
# imagePullPolicy is set to always: imperative.imagePullPolicy
# For additional overrides that apply to the jobs, please refer to
# https://hybrid-cloud-patterns.io/imperative-actions/#additional-job-customizations
jobs:
- name: configure-aap-controller
playbook: ansible/imperative_configure_controller.yml
# this image has not been changes. TBD would make sense
image: quay.io/hybridcloudpatterns/ansible-edge-gitops-ee:latest
verbosity: -vvv
timeout: "900"
managedClusterGroups: []