ocp-4: add secrets for google ca eab

[stehessel]

Use google CA for generating OpenShift publicly trusted certificates. Requires ACME EAB credentials.

[rhacs-bot]

A single node development cluster (infra-pr-1486) was allocated in production infra for this PR.

CI will attempt to deploy quay.io/rhacs-eng/infra-server:0.10.74-8-g8eb9d637f7 to it.

🔌 You can connect to this cluster with:

gcloud container clusters get-credentials infra-pr-1486 --zone us-central1-a --project acs-team-temp-dev

🛠️ And pull infractl from the deployed dev infra-server with:

nohup kubectl -n infra port-forward svc/infra-server-service 8443:8443 &
make pull-infractl-from-dev-server

🚲 You can then use the dev infra instance e.g.:

bin/infractl -k -e localhost:8443 whoami

⚠️ Any clusters that you start using your dev infra instance should have a lifespan shorter then the development cluster instance. Otherwise they will not be destroyed when the dev infra instance ceases to exist when the development cluster is deleted. ⚠️

Further Development

☕ If you make changes, you can commit and push and CI will take care of updating the development cluster.

🚀 If you only modify configuration (chart/infra-server/configuration) or templates (chart/infra-server/{static,templates}), you can get a faster update with:

make install-local

Logs

Logs for the development infra depending on your @redhat.com authuser:

• authuser=0
• authuser=1
• authuser=2

Or:

kubectl -n infra logs -l app=infra-server --tail=1 -f

[tommartensen]

You can keep this PR and update the automationFlavorsVersion after https://github.com/stackrox/automation-flavors/pull/298 merged OR close this PR and wait for the automated bump PR in this repo.