commit e31d64f2656f99a1f577d9411f926561420968a5
author Sergiusz Bazanski <q3k@hackerspace.pl> Wed Oct 02 20:59:26 2019 +0200
committer Sergiusz Bazanski <q3k@hackerspace.pl> Wed Oct 02 21:03:13 2019 +0200
tree 3ba60069978b7c3282559a32a41d6478e1a3e61a
parent 54490d385ea49d87f2b0b04c159fcb78af8db033

kube: move cert-manager resources to kube.local.libsonnet

This way kubernetes consumers don't have to import anything from
cluster/, hopefully.

We also create a small abstraction for local additions for
kube.libsonnet without having to modify upstream.

Change-Id: I209095781f91c8867250a647fe944370cddd67d0

cluster/kube/lib/cockroachdb.libsonnet

diff --git a/cluster/kube/lib/cockroachdb.libsonnet b/cluster/kube/lib/cockroachdb.libsonnet
index 212104d..0b58180 100644
--- a/cluster/kube/lib/cockroachdb.libsonnet
+++ b/cluster/kube/lib/cockroachdb.libsonnet
@@ -35,7 +35,6 @@
 
 
 local kube = import "../../../kube/kube.libsonnet";
-local cm = import "cert-manager.libsonnet";
 local policies = import "../../../kube/policies.libsonnet";
 
 {
@@ -76,14 +75,14 @@
         name(suffix):: if cluster.cfg.ownNamespace then suffix else name + "-" + suffix,
 
         pki: {
-            selfSignedIssuer: cm.Issuer(cluster.name("selfsigned")) {
+            selfSignedIssuer: kube.Issuer(cluster.name("selfsigned")) {
                 metadata+: cluster.metadata,
                 spec: {
                     selfSigned: {},
                 },
             },
 
-            selfSignedKeypair: cm.Certificate(cluster.name("cluster-ca")) {
+            selfSignedKeypair: kube.Certificate(cluster.name("cluster-ca")) {
                 metadata+: cluster.metadata,
                 spec: {
                     secretName: cluster.name("cluster-ca"),
@@ -96,7 +95,7 @@
                 },
             },
 
-            clusterIssuer: cm.Issuer(cluster.name("cluster-ca")) {
+            clusterIssuer: kube.Issuer(cluster.name("cluster-ca")) {
                 metadata+: cluster.metadata,
                 spec: {
                     ca: {
@@ -105,7 +104,7 @@
                 },
             },
 
-            nodeCertificate: cm.Certificate(cluster.name("node")) {
+            nodeCertificate: kube.Certificate(cluster.name("node")) {
                 metadata+: cluster.metadata,
                 spec: {
                     secretName: "cockroachdb-node-cert",
@@ -127,7 +126,7 @@
                 },
             },
 
-            clientCertificate: cm.Certificate(cluster.name("client")) {
+            clientCertificate: kube.Certificate(cluster.name("client")) {
                 metadata+: cluster.metadata,
                 spec: {
                     secretName: cluster.name("client-certificate"),
@@ -371,7 +370,7 @@
         },
 
         Client(name):: {
-            certificate: cm.Certificate(cluster.name("client-%s" % name)) {
+            certificate: kube.Certificate(cluster.name("client-%s" % name)) {
                 metadata+: cluster.metadata,
                 spec: {
                     secretName: cluster.name("client-%s-certificate" % name),