diff --git a/Makefile b/Makefile index 04835cd..d97995a 100644 --- a/Makefile +++ b/Makefile @@ -167,7 +167,8 @@ endif # this is configured to work with the capi-lab export METAL_API_URL := "http://metal.203.0.113.1.nip.io:8080" -export METAL_API_HMAC := "metal-admin" +export METAL_API_HMAC := "metal-edit" +export METAL_API_HMAC_AUTH_TYPE := "Metal-Edit" .PHONY: install install: manifests kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config. diff --git a/README.md b/README.md index 25c741f..17c9de9 100644 --- a/README.md +++ b/README.md @@ -41,6 +41,7 @@ Now, you are able to install the CAPMS into your management cluster: # export the following environment variables export METAL_API_URL= export METAL_API_HMAC= +export METAL_API_HMAC_AUTH_TYPE= export EXP_KUBEADM_BOOTSTRAP_FORMAT_IGNITION=true # initialize the management cluster diff --git a/capi-lab/Makefile b/capi-lab/Makefile index d1c42cf..47f6fba 100644 --- a/capi-lab/Makefile +++ b/capi-lab/Makefile @@ -7,9 +7,11 @@ KUBECONFIG := $(shell pwd)/mini-lab/.kubeconfig MINI_LAB_FLAVOR=capms METAL_API_URL=http://metal.203.0.113.1.nip.io:8080 -METAL_API_HMAC=metal-admin +METAL_API_HMAC=metal-edit +METAL_API_HMAC_AUTH_TYPE=Metal-Edit METALCTL_API_URL=http://metal.203.0.113.1.nip.io:8080 -METALCTL_HMAC=metal-admin +METALCTL_HMAC=metal-edit +METALCTL_HMAC_AUTH_TYPE=Metal-Edit METAL_PARTITION ?= mini-lab METAL_PROJECT_ID ?= 00000000-0000-0000-0000-000000000001 diff --git a/capi-lab/metal-ccm.yaml b/capi-lab/metal-ccm.yaml index 16f9813..bb922f4 100644 --- a/capi-lab/metal-ccm.yaml +++ b/capi-lab/metal-ccm.yaml @@ -7,6 +7,7 @@ metadata: stringData: api-url: ${METAL_API_URL} api-hmac: ${METAL_API_HMAC} + api-hmac-auth-type: ${METAL_API_HMAC_AUTH_TYPE} --- apiVersion: v1 kind: ServiceAccount @@ -172,6 +173,11 @@ spec: secretKeyRef: key: api-hmac name: cloud-controller-manager + - name: METAL_AUTH_HMAC_AUTH_TYPE + valueFrom: + secretKeyRef: + key: api-hmac-auth-type + name: cloud-controller-manager - name: METAL_PROJECT_ID value: 00000000-0000-0000-0000-000000000001 - name: METAL_PARTITION_ID @@ -185,7 +191,7 @@ spec: value: internet-mini-lab,${METAL_NODE_NETWORK_ID} - name: METAL_SSH_PUBLICKEY value: "" - image: ghcr.io/metal-stack/metal-ccm:v0.9.3 + image: ghcr.io/metal-stack/metal-ccm:v0.9.4 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 2 diff --git a/cmd/main.go b/cmd/main.go index f814a17..1c7c124 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -202,5 +202,10 @@ func newMetalClient() (metalgo.Client, error) { return nil, errors.New("METAL_API_HMAC environment variable must be set") } - return metalgo.NewDriver(url, "", hmac) + hmacAuthType := os.Getenv("METAL_API_HMAC_AUTH_TYPE") + if hmacAuthType == "" { + return nil, errors.New("METAL_API_HMAC_AUTH_TYPE environment variable must be set") + } + + return metalgo.NewDriver(url, "", hmac, metalgo.AuthType(hmacAuthType)) } diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 77e8035..8859dbb 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -6,6 +6,7 @@ metadata: stringData: api-url: ${METAL_API_URL} api-hmac: ${METAL_API_HMAC} + api-hmac-auth-type: ${METAL_API_HMAC_AUTH_TYPE} --- apiVersion: apps/v1 kind: Deployment @@ -44,6 +45,11 @@ spec: secretKeyRef: name: controller-manager-config key: api-hmac + - name: METAL_API_HMAC_AUTH_TYPE + valueFrom: + secretKeyRef: + name: controller-manager-config + key: api-hmac-auth-type command: - /manager args: diff --git a/metadata.yaml b/metadata.yaml index 32d63b9..b79cd26 100644 --- a/metadata.yaml +++ b/metadata.yaml @@ -5,6 +5,9 @@ # update this file only when a new major or minor version is released apiVersion: clusterctl.cluster.x-k8s.io/v1alpha3 releaseSeries: + - major: 0 + minor: 3 + contract: v1beta1 - major: 0 minor: 2 contract: v1beta1