feat: split access groups for admins, devs and analytics

values/env-rossby.yaml

@@ -8,28 +8,21 @@ clusterConfig:
   initca: "/var/lib/kubernetes/secrets"
   apiserver: "rossby-manage"
   apiserverip: "172.16.239.221"
-  etcd_nodes: [ "172.16.239.221, 172.16.239.222, 172.16.239.210" ]
-  k8s_nodes: [ "172.16.239.221, 172.16.239.222, 172.16.239.210, 172.16.239.111, 172.16.239.112, 172.16.239.113, 172.16.239.114, 172.16.239.115, 172.16.239.116, 172.16.239.117, 172.16.239.118, 172.16.239.119, 172.16.239.120, 172.16.239.121, 172.16.239.122, 172.16.239.123, 172.16.239.124, 172.16.239.125, 172.16.239.126, 172.16.239.127, 172.16.239.128, 172.16.239.129, 172.16.239.130" ]
+  etcd_nodes: ["172.16.239.221, 172.16.239.222, 172.16.239.210"]
+  k8s_nodes:
+    [
+      "172.16.239.221, 172.16.239.222, 172.16.239.210, 172.16.239.111, 172.16.239.112, 172.16.239.113, 172.16.239.114, 172.16.239.115, 172.16.239.116, 172.16.239.117, 172.16.239.118, 172.16.239.119, 172.16.239.120, 172.16.239.121, 172.16.239.122, 172.16.239.123, 172.16.239.124, 172.16.239.125, 172.16.239.126, 172.16.239.127, 172.16.239.128, 172.16.239.129, 172.16.239.130",
+    ]
   cluster: "rossby"
-  ingress_nodes: ["rossby, rossby-manage" ]
+  ingress_nodes: ["rossby, rossby-manage"]
   ingress_replica_count: 2
   ingress_clusterissuer: ca-issuer
   ingress_whitelist:
-   - 0.0.0.0/0
+    - 0.0.0.0/0
   ingress_hostnetwork: true
   ingress_hostport: false
   ingress_nodeport: false
   fileserver: "172.16.239.222"
-  acme:
-    email: "acme@oceanbox.io"
-    dns01: "namecheap-apikey"
-  oidc:
-  - name: oceanbox
-    provider: azuread
-    tenant: "3f737008-e9a0-4485-9d27-40329d288089"
-    secret_ref:
-      name: oceanbox-oidc
-    group_id: "eb17a659-4ce6-41bc-9153-d9b117c44479"
   nodes:
     - name: rossby-manage
       taints: []