feat: add support for multiple clusters

Signed-off-by: Chris Butler <chris.butler@redhat.com>

Author: butler54

rhdp/requirements.txt

@@ -1,3 +1,4 @@
 typer
 rich
-Jinja2
+Jinja2
+typing_extensions

values-spoke.yaml

@@ -17,7 +17,7 @@ clusterGroup:
       source: redhat-operators
       channel: stable
       installPlanApproval: Manual 
-      csv: sandboxed-containers-operator.v1.10.1
+      csv: sandboxed-containers-operator.v1.11.0
     cert-manager:
       name: openshift-cert-manager-operator
       namespace: cert-manager-operator
@@ -48,8 +48,18 @@ clusterGroup:
       name: sandbox
       namespace: openshift-sandboxed-containers-operator #upstream config
       project: sandbox
-      chart: sandboxed-containers
-      chartVersion: 0.0.*
+      repoURL: https://github.com/butler54/sandboxed-containers-chart.git
+      targetRevision: remove-ssh
+      path: ./
+      overrides:
+        # - name: global.coco.enableSSHDebug
+        #   value: "true"
+        - name: global.secretStore.backend
+          value: vault
+        - name: secretStore.name
+          value: vault-backend
+        - name: secretStore.kind
+          value: ClusterSecretStore
 
     hello-openshift:
       name: hello-openshift
@@ -64,12 +74,7 @@ clusterGroup:
       path: charts/coco-supported/kbs-access
 
   imperative:
-    # NOTE: We *must* use lists and not hashes. As hashes lose ordering once parsed by helm
-    # The default schedule is every 10 minutes: imperative.schedule
-    # Total timeout of all jobs is 1h: imperative.activeDeadlineSeconds
-    # imagePullPolicy is set to always: imperative.imagePullPolicy
-    # For additional overrides that apply to the jobs, please refer to
-    # https://validatedpatterns.io/imperative-actions/#additional-job-customizations
+    image: ghcr.io/butler54/imperative-container:latest
     jobs:
     - name: install-deps
       playbook: ansible/install-deps.yaml

values-trusted-hub.yaml

@@ -22,7 +22,7 @@ clusterGroup:
       source: redhat-operators
       channel: stable
       installPlanApproval: Manual
-      csv: trustee-operator.v0.4.1
+      csv: trustee-operator.v1.0.0
     cert-manager:
       name: openshift-cert-manager-operator
       namespace: cert-manager-operator
@@ -66,31 +66,51 @@ clusterGroup:
       name: trustee
       namespace: trustee-operator-system #upstream config
       project: trustee
-      chart: trustee
-      chartVersion: 0.1.*
-      # Use the override file to specify the list of secrets accessible to trustee from the ESO backend (today by default, Vault).
-      extraValueFiles:
-        - '$patternref/overrides/values-trustee.yaml'
+      repoURL: https://github.com/butler54/trustee-chart.git
+      targetRevision: merge-certs
+      path: ./
+      overrides:
+        - name: global.coco.secured
+          value: "true"
+        - name: kbs.secretResources[0].name
+          value: kbsres1
+        - name: kbs.secretResources[0].key
+          value: secret/data/hub/kbsres1
+        - name: kbs.secretResources[1].name
+          value: passphrase
+        - name: kbs.secretResources[1].key
+          value: secret/data/hub/passphrase
     sandbox-policies:
       name: sandbox-policies
       namespace: openshift-sandboxed-containers-operator #upstream config
-      chart: sandboxed-policies
-      chartVersion: 0.0.*
+      repoURL: https://github.com/butler54/sandboxed-policies-chart.git
+      targetRevision: rootvolume
+      path: ./
+      overrides:
+        # - name: global.coco.enableSSHDebug
+        #   value: "true"
+        - name: global.coco.azure.defaultVMFlavour
+          value: Standard_DC2as_v5
+        - name: global.coco.azure.VMFlavours
+          value: "Standard_DC2as_v5,Standard_DC4as_v5,Standard_DC8as_v5,Standard_DC16as_v5"
+        - name: global.coco.azure.tags
+          value: "key1=value1,key2=value2"
+        - name: global.coco.azure.rootVolumeSize
+          value: "20"
 
 
 
   imperative:
-    # NOTE: We *must* use lists and not hashes. As hashes lose ordering once parsed by helm
-    # The default schedule is every 10 minutes: imperative.schedule
-    # Total timeout of all jobs is 1h: imperative.activeDeadlineSeconds
-    # imagePullPolicy is set to always: imperative.imagePullPolicy
-    # For additional overrides that apply to the jobs, please refer to
-    # https://validatedpatterns.io/imperative-actions/#additional-job-customizations
+    image: ghcr.io/butler54/imperative-container:latest
     jobs:
     - name: install-deps
       playbook: ansible/install-deps.yaml
       verbosity: -vvv
       timeout: 3600
+    - name: configure-azure-dns
+      playbook: ansible/configure-issuer.yaml
+      verbosity: -vvv
+      timeout: 3600
     - name: init-data-gzipper
       playbook: ansible/init-data-gzipper.yaml
       verbosity: -vvv