*: rejigger tls certs and more This pretty large change does the following: - moves nix from bootstrap.hswaw.net to nix/ - changes clustercfg to use cfssl and moves it to cluster/clustercfg - changes clustercfg to source information about target location of certs from nix - changes clustercfg to push nix config - changes tls certs to have more than one CA - recalculates all TLS certs (it keeps the old serviceaccoutns key, otherwise we end up with invalid serviceaccounts - the cert doesn't match, but who cares, it's not used anyway)

commit: 73cef11c8534edeaab7763df1018c55b8afdd157 [log] [tgz]
author: Sergiusz Bazanski <q3k@q3k.org> Sun Apr 07 00:06:23 2019 +0200
committer: Sergiusz Bazanski <q3k@q3k.org> Sun Apr 07 00:06:23 2019 +0200
tree: 8d483998903ae47cf7e9467829071bbb8c5329a0
parent: 208f0058304f5c7a01d239d5bc58a78363982d6d [diff] [blame]
diff --git a/tools/BUILD b/tools/BUILD
index cd4642a..2be1cea 100644
--- a/tools/BUILD
+++ b/tools/BUILD

@@ -2,8 +2,8 @@
 load("@py_deps//:requirements.bzl", "requirement")
 load("//bzl:rules.bzl", "copy_go_binary")
 
-py_binary(
-    name = "secretstore",
+py_library(
+    name = "secretstore_lib",
     srcs = ["secretstore.py"],
     visibility = ["//visibility:public"],
     deps = [
@@ -12,11 +12,10 @@
 )
 
 py_binary(
-    name = "clustercfg",
-    srcs = ["clustercfg.py"],
+    name = "secretstore",
+    srcs = ["secretstore.py"],
     visibility = ["//visibility:public"],
     deps = [
-        requirement("fabric"),
         requirement("future"),
     ],
 )
commit	73cef11c8534edeaab7763df1018c55b8afdd157	[log] [tgz]
author	Sergiusz Bazanski <q3k@q3k.org>	Sun Apr 07 00:06:23 2019 +0200
committer	Sergiusz Bazanski <q3k@q3k.org>	Sun Apr 07 00:06:23 2019 +0200
tree	8d483998903ae47cf7e9467829071bbb8c5329a0
parent	208f0058304f5c7a01d239d5bc58a78363982d6d [diff] [blame]