Skip to content

Commit 6bdd302

Browse files
author
Mauricio Harley
committed
Add Barbican HSM custom image support
- Add new Makefile variables for HSM-enabled Barbican deployments: BARBICAN_API_IMAGE, BARBICAN_WORKER_IMAGE, BARBICAN_HSM_ENABLED - Add conditional logic to use custom images when HSM is enabled - Update barbican_deploy_prep target to handle custom image deployment - Add HSM backend selection in standalone openstack.sh script - Support PKCS#11 backend when BARBICAN_HSM_ENABLED=true Signed-off-by: Mauricio Harley <mharley@redhat.com>
1 parent d80ee7f commit 6bdd302

File tree

1 file changed

+18
-0
lines changed

1 file changed

+18
-0
lines changed

Makefile

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -174,6 +174,10 @@ BARBICAN_DEPL_IMG ?= unused
174174
BARBICAN_KUTTL_CONF ?= ${OPERATOR_BASE_DIR}/barbican-operator/kuttl-test.yaml
175175
BARBICAN_KUTTL_DIR ?= ${OPERATOR_BASE_DIR}/barbican-operator/tests/kuttl/tests
176176
BARBICAN_KUTTL_NAMESPACE ?= barbican-kuttl-tests
177+
# HSM-enabled Barbican image overrides
178+
BARBICAN_API_IMAGE ?=
179+
BARBICAN_WORKER_IMAGE ?=
180+
BARBICAN_HSM_ENABLED ?= false
177181

178182
# Mariadb
179183
MARIADB_IMG ?= quay.io/openstack-k8s-operators/mariadb-operator-index:${OPENSTACK_K8S_TAG}
@@ -586,6 +590,15 @@ ${1}: export OPERATOR_SOURCE=$(OPERATOR_SOURCE)
586590
${1}: export OPERATOR_SOURCE_NAMESPACE=$(OPERATOR_SOURCE_NAMESPACE)
587591
endef
588592

593+
ifeq ($(BARBICAN_HSM_ENABLED),true)
594+
ifneq ($(BARBICAN_API_IMAGE),)
595+
BARBICAN_API_IMG := $(BARBICAN_API_IMAGE)
596+
endif
597+
ifneq ($(BARBICAN_WORKER_IMAGE),)
598+
BARBICAN_WORKER_IMG := $(BARBICAN_WORKER_IMAGE)
599+
endif
600+
endif
601+
589602
.PHONY: all
590603
all: operator_namespace keystone mariadb placement neutron
591604

@@ -775,6 +788,9 @@ openstack_wait: ## waits openstack CSV to succeed.
775788

776789
# creates the new initialization resource for our operators
777790
.PHONY: openstack_init
791+
openstack_init: export BARBICAN_API_IMAGE:=$(BARBICAN_API_IMAGE)
792+
openstack_init: export BARBICAN_WORKER_IMAGE:=$(BARBICAN_WORKER_IMAGE)
793+
openstack_init: export BARBICAN_HSM_ENABLED:=$(BARBICAN_HSM_ENABLED)
778794
openstack_init: openstack_wait
779795
bash -c 'test -f ${OPERATOR_BASE_DIR}/openstack-operator/config/samples/operator_v1beta1_openstack.yaml || make openstack_repo'
780796
oc apply -f ${OPERATOR_BASE_DIR}/openstack-operator/config/samples/operator_v1beta1_openstack.yaml
@@ -1260,6 +1276,8 @@ barbican_cleanup: ## deletes the operator, but does not cleanup the service reso
12601276

12611277
.PHONY: barbican_deploy_prep
12621278
barbican_deploy_prep: export KIND=Barbican
1279+
barbican_deploy_prep: export IMAGE=${BARBICAN_API_IMG:-unused},${BARBICAN_WORKER_IMG:-unused}
1280+
barbican_deploy_prep: export IMAGE_PATH=barbicanAPI/containerImage,barbicanWorker/containerImage
12631281
barbican_deploy_prep: export REPO=${BARBICAN_REPO}
12641282
barbican_deploy_prep: export BRANCH=${BARBICAN_BRANCH}
12651283
barbican_deploy_prep: export HASH=${BARBICAN_COMMIT_HASH}

0 commit comments

Comments
 (0)