values-secret.yaml.template

---
# NEVER COMMIT THESE VALUES TO GIT
version: "2.0"
secrets:
  # This is to make the secrets available to spoke clusters
  - name: vm-ssh
    vaultPrefixes:
    - global
    fields:
    - name: username
      value: 'Username of user to attach privatekey and publickey to - cloud-user is a typical value'

    - name: privatekey
      value: 'Private ssh key of the user who will be able to elevate to root to provision kiosks'

    - name: publickey
      value: 'Public ssh key of the user who will be able to elevate to root to provision kiosks'

  # This is to make the secrets available to spoke clusters
  - name: cloud-init
    vaultPrefixes:
    - global
    fields:
    - name: userData
      value: |-
        #cloud-config
        user: 'username of user for console, probably cloud-user'
        password: 'a suitable password to use on the console'
        chpasswd: { expire: False }

  - name: aws
    fields:
      - name: aws_access_key_id
        ini_file: ~/.aws/credentials
        ini_key: aws_access_key_id
      - name: aws_secret_access_key
        ini_file: ~/.aws/credentials
        ini_key: aws_secret_access_key
      - name: baseDomain
        value: "A suitable DNS domain"
      - name: pullSecret
        value: "A standard OpenShift pull secret"
      - name: privatekey
        value: "An SSH private key"
      - name: publickey
        value: "An SSH public key"

  - name: openshiftPullSecret
    fields:
      - name: .dockerconfigjson
        value: "A standard OpenShift pull secret"

# These are needed if you want to use and import your own regional clusters
# by setting byoc: true in rdr chart
# - name: ocp-primary_cluster_kubeconfig
#   fields:
#     - name: kubeconfig
#       path: path to kubeconfig for the cluster
# - name: ocp-secondary_cluster_kubeconfig
#   fields:
#     - name: kubeconfig
#       path: path to kubeconfig for the cluster