search

eth-cscs / manta

Another CLI for Alps
https://eth-cscs.github.io/manta/
BSD 3-Clause "New" or "Revised" License
14 stars 3 forks source link

FEAT: add new parameter to the manta configuration file (config.toml) to store the CA root public cert file name for CSM #77

Closed Masber closed 3 months ago

Masber commented 3 months ago

This ticket is to add some consistency to manta configuration, at the moment the CA root public cert is dynamically retrieved and this counter intuitive.

The goal of this ticket is to add new option to the configuration file root_ca_cert_file to store the CA root public cert file for a specific site.

New configuration file will look like

eg:

log = "info"

site = "prealps"
parent_hsm_group = "nodes_free"

[sites]

[sites.alps]
socks5_proxy = "socks5h://127.0.0.1:1080"
shasta_base_url = "https://api.cmn.alps.cscs.ch/apis"
keycloak_base_url = "https://api.cmn.alps.cscs.ch/keycloak"
gitea_base_url = "https://api.cmn.alps.cscs.ch/vcs"
k8s_api_url = "https://10.252.1.12:6442"
vault_base_url = "https://hashicorp-vault.cscs.ch:8200"
vault_secret_path = "shasta"
vault_role_id = "b15517de-cabb-06ba-af98-633d216c6d99" # vault in hashicorp-vault.cscs.ch
root_ca_cert_file = "alps_root_cert.pem"

[sites.prealps]
socks5_proxy = "socks5h://127.0.0.1:1081"
shasta_base_url = "https://api.cmn.prealps.cscs.ch/apis"
keycloak_base_url = "https://api.cmn.prealps.cscs.ch/keycloak"
gitea_base_url = "https://api.cmn.prealps.cscs.ch/vcs"
k8s_api_url = "https://10.252.1.2:6442"
vault_base_url = "https://hashicorp-vault.cscs.ch:8200"
vault_secret_path = "prealps"
vault_role_id = "b15517de-cabb-06ba-af98-633d216c6d99" # vault in hashicorp-vault.cscs.ch
root_ca_cert_file = "prealps_root_cert.pem"

[sites.alpsm]
socks5_proxy = "socks5h://127.0.0.1:1082"
shasta_base_url = "https://api.cmn.alpsm.cscs.ch/apis"
keycloak_base_url = "https://api.cmn.alpsm.cscs.ch/keycloak"
gitea_base_url = "https://api.cmn.alpsm.cscs.ch/vcs"
k8s_api_url = "https://10.252.1.2:6442"
vault_base_url = "https://hashicorp-vault.cscs.ch:8200"
vault_secret_path = "alpsm"
vault_role_id = "b15517de-cabb-06ba-af98-633d216c6d99" # vault in hashicorp-vault.cscs.ch, this doesn't change for the whole CSCS
root_ca_cert_file = "alpsm_root_cert.pem"
Masber commented 3 months ago

done in v1.37.0