more secrets
This commit is contained in:
parent
43c7d4b754
commit
ac7cd01e7c
GPG key ID:
643004654D40D577
6 changed files with 108 additions and 0 deletions
5
drone/kustomization.yaml
Normal file
5
drone/kustomization.yaml
Normal file
|
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
generators:
|
||||||
|
- ./secret-generator.yaml
|
||||||
11
drone/secret-generator.yaml
Normal file
11
drone/secret-generator.yaml
Normal file
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
apiVersion: viaduct.ai/v1
|
||||||
|
kind: ksops
|
||||||
|
metadata:
|
||||||
|
name: secret-generator
|
||||||
|
annotations:
|
||||||
|
config.kubernetes.io/function: |
|
||||||
|
exec:
|
||||||
|
path: ksops
|
||||||
|
files:
|
||||||
|
- ./secret.yaml
|
||||||
37
drone/secret.yaml
Normal file
37
drone/secret.yaml
Normal file
|
|
@ -0,0 +1,37 @@
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: drone-secrets
|
||||||
|
namespace: drone
|
||||||
|
type: Opaque
|
||||||
|
data:
|
||||||
|
DRONE_RPC_SECRET: ENC[AES256_GCM,data:9wEps0DmvV8Qqx2dARB6M1stwAdf547n5rbVBEiaa4lL5GPAbHMgOI7bYIo=,iv:3SAA0PNJT1ajUx1SJWNpX2AiJnmcFf8tJCrvOW3fJqk=,tag:Z3yuE/jfyAldVjrdIcPlFg==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age14uxgmvw26e7f82gkvxl0zwnfc5l75rdn5sms4zj0xrtrnlgn4qlsqh3kkt
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBycHkzcHNDOVdBYjJLRGpz
|
||||||
|
MkZ5T1UwOEEwTG44aGVuWk5zcnV2NlFPK0NRCkh0VVIzOVh2dWlaWG1hVmJQRE1p
|
||||||
|
VmhrNERFMHBpS2RTM3EySXdTSExmY3cKLS0tIFpWK3hMUG1TS0dTcTU2VUlkemNt
|
||||||
|
WlNZY0JmbVFWaVgxaUFlUU55THlRb0UK+P9mB8LDRFlnvYn0CXxzLSa8rB+ms2WF
|
||||||
|
INPTca+SW4sC37wc3zoIrdzrGuNai6FZbKRwrUtt40eDwgU2n/TANA==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1z5wtjmk0jw0j9qz9k5rrnp30nzqxrl3v6wgl7eryvqus28zekp4qpx9jc2
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3YmJiQ2RvQ2pKN0xQbHdQ
|
||||||
|
bDM3SWFPM0pUQXB4eW1tbEJEbWdSWjVTeXg0CjE3cVNEM2Y1UHBLbStrRnpsQUM4
|
||||||
|
cUh6aWROY0wzYnljdTJRZUtKODVBU2MKLS0tIGFybkhLUFF2ajdiZlQySENRc1lu
|
||||||
|
OXlPbmxsbDJQSlloSmtQb2ZQMDduUEUKnwnwWe3/oovkPlyZtUpoJVWAiW0rPFl+
|
||||||
|
PHbo0vrkCkvkKjtXSBP9RPE0sgdPHaYDez9Ea7Q3qdKyYsCKTebapg==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2024-11-04T20:00:35Z"
|
||||||
|
mac: ENC[AES256_GCM,data:8gPH1/iWNTkUcCcW5A/+QBSHIOphnCFz7PDc7muwOfgdS7CRfpUrMbsT7smZzsC5TXuy6n/tzYajNqOkuJNzAXeHTAulD5wD/HqwLrFjhO+2zo4m35l8eN9q+AYjTvMXCvK3Yo929gAJa65PXnMmx1kjjSC061KjPrF/Ka0o87w=,iv:Mtn8rx6Lwm9nXh+9km4JyWUr6xFkr+wk2w04QTLdLac=,tag:fL1mFqS9d/HOvZZfPP625A==,type:str]
|
||||||
|
pgp: []
|
||||||
|
encrypted_regex: ^(data|stringData)$
|
||||||
|
version: 3.9.0
|
||||||
7
surveybot/kustomization.yaml
Normal file
7
surveybot/kustomization.yaml
Normal file
|
|
@ -0,0 +1,7 @@
|
||||||
|
---
|
||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
generators:
|
||||||
|
- ./secret-generator.yaml
|
||||||
|
resources:
|
||||||
|
- ./surveybot.yaml
|
||||||
11
surveybot/secret-generator.yaml
Normal file
11
surveybot/secret-generator.yaml
Normal file
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
apiVersion: viaduct.ai/v1
|
||||||
|
kind: ksops
|
||||||
|
metadata:
|
||||||
|
name: secret-generator
|
||||||
|
annotations:
|
||||||
|
config.kubernetes.io/function: |
|
||||||
|
exec:
|
||||||
|
path: ksops
|
||||||
|
files:
|
||||||
|
- ./secret.yaml
|
||||||
37
surveybot/secret.yaml
Normal file
37
surveybot/secret.yaml
Normal file
|
|
@ -0,0 +1,37 @@
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: surveybot-token
|
||||||
|
namespace: surveybot
|
||||||
|
type: Opaque
|
||||||
|
data:
|
||||||
|
TOKEN: ENC[AES256_GCM,data:HZpvxzlqgtHIXstqo+wH5h1SVfBBS7aV7fPEIGO3gq0Hu8wbqMDq8nzBnGHQik+5jR0AoYQvRKLqD+VyIPgHQX8Nc/15er+pyCxa2kLXXPg=,iv:3dcWIVEU7HzkBCA8IT6lHPzsywmW3nCM0HK3Wr8r5eA=,tag:QplCTrlD08dpZvZjBdvlbQ==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age14uxgmvw26e7f82gkvxl0zwnfc5l75rdn5sms4zj0xrtrnlgn4qlsqh3kkt
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrd1ZReHRHazZzN1VKZVFK
|
||||||
|
eXo1OVhhL1hjeW5WMG5GNzUyWmFMUXFoa0dvCnhvaDNSNFRnMUJVMkxGRlVtRTR4
|
||||||
|
WERLanJPbEs0ZTlGSEhudTQ0ckFDbG8KLS0tIDlQTDc2NGxDelMvZXk4WHJ2cTZS
|
||||||
|
dzkycGRVTW1FRDAwYk5OSFhoSkVPVG8Kvuhx+kEUCLwVlTxVWq2HXzszM4nJE09r
|
||||||
|
4nOrW4ytSsC6BM4DR1WR/hbqY+cz/xaHEbCfQBaH4NYQUuaONLICxg==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1z5wtjmk0jw0j9qz9k5rrnp30nzqxrl3v6wgl7eryvqus28zekp4qpx9jc2
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCN3pEOFZCSm90eDFBOEhS
|
||||||
|
T3RSVWh1ZVI1WS9pZTRkbnJMR0E0S04wdUhVCitFdk5hWjhWNGNqenp3c0dCZGNk
|
||||||
|
S2NrSk1Ocmx5WDkzeFRFMk5id3VheGMKLS0tIDU3a2Rvb2VKUHEwWVJFY2k4UHNl
|
||||||
|
dGdSTmkrRmVNWlovVC9JbTRROFgvbUEKEDg6EIYvD2xbVwMxWirkDA9lLOPt64zb
|
||||||
|
dhgGwbvL8ijAKVPKXLJ73IOWrwk5dCLv7oe8RDhkNDtuSus9HOqD9Q==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2024-11-04T20:00:41Z"
|
||||||
|
mac: ENC[AES256_GCM,data:dIghUTmsUH2deQGDv9Jykicf+kV4A2XYHqxOHq0TcR7G5V329U25tm4ID07kQKmJjSgPwTx/6Vadxu/Bo3ADrvMj5+bOCUENP5FcJEp8htkJHNlzn1syQ9VXu+Vbka0e0PpPJ4AlxM3toPdmRX4k7tP5FzVlMkxSwAjMsVivHYo=,iv:1094lyciqTvwdmJjCI761sRi42AXxyiFyPw2CSUqfA4=,tag:0LlLhMOn7l4NrFzmbcfPcQ==,type:str]
|
||||||
|
pgp: []
|
||||||
|
encrypted_regex: ^(data|stringData)$
|
||||||
|
version: 3.9.0
|
||||||
Loading…
Reference in a new issue