This message was deleted.

When I Rancher v2provision a downstream cluster via gitops, I already gitops install a bunch of workloads to the downstream cluster once it is available. I want to install opni-agent as another workload. Does Opni have a kubernetes api I can invoke from a kyverno generate policy to get the cluster bootstrap info needed to register the agent? In a nutshell, im thinking my kyverno generate policy will watch for Rancher Cluster CR creates and then use the output of an opni bootstrap k8s api call to generate an agent-config ESO PushSecret that the external-secrets operator will push to the downstream cluster as a regular Secret. I would likely need Opni's Bootstrap API exposed as a crd to automate this flow. If this makes sense to you, should I open an issue to define some type of Bootstrap or Cluster CRD with a SecretRef to the the Secret with the needed token/pin, etc.?

I don't think the bootstrap token will help, that's an alternative to the kv storage that Opni uses, but in our testing the performance in it isn't that great. Definitely open an issue for the usecase; it's something we're aware of but probably won't land before GA. We do have a CLI that can generate bootstrap tokens; it interacts with the Opni admin API. We have also been working on a terraform provider that can interact with the API.

It seems Opni is focusing much of its efforts on web ui and command line clients consuming its apis. I am primarily interested in consuming these apis as crds using kubernetes native workloads and gitops. I'll open a ticket with my usecase. Thanks.