Add secrets with sops
This commit is contained in:
parent
30c8a660ef
commit
82f71e8d38
GPG key ID:
F17EFE4272D89FF6
4 changed files with 121 additions and 1 deletions
13
.sops.yaml
Normal file
13
.sops.yaml
Normal file
|
|
@ -0,0 +1,13 @@
|
||||||
|
---
|
||||||
|
keys:
|
||||||
|
- &argo age1mraede6gqxkh2rkeq5fjrcflp7emenl2qn885asxvtx5erga2pdqujuexz
|
||||||
|
- &tom age1s9nvc4rxj3kaj4apmzzn8fmjrudrvdhgu70rg04we9hyse5aadsq7kmckn
|
||||||
|
- &aaron age1z5wtjmk0jw0j9qz9k5rrnp30nzqxrl3v6wgl7eryvqus28zekp4qpx9jc2
|
||||||
|
creation_rules:
|
||||||
|
- path_regex: .*
|
||||||
|
encrypted_regex: ^(data|stringData)$
|
||||||
|
key_groups:
|
||||||
|
- age:
|
||||||
|
- *argo
|
||||||
|
- *tom
|
||||||
|
- *aaron
|
||||||
|
|
@ -1,4 +1,6 @@
|
||||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
|
generators:
|
||||||
|
- secret-generator.yaml
|
||||||
resources:
|
resources:
|
||||||
- grafana-backuper.yaml
|
- grafana-backuper.yaml
|
||||||
|
|
|
||||||
10
base/secret-generator.yaml
Normal file
10
base/secret-generator.yaml
Normal file
|
|
@ -0,0 +1,10 @@
|
||||||
|
apiVersion: viaduct.ai/v1
|
||||||
|
kind: ksops
|
||||||
|
metadata:
|
||||||
|
name: secret-generator
|
||||||
|
annotations:
|
||||||
|
config.kubernetes.io/function: |
|
||||||
|
exec:
|
||||||
|
path: ksops
|
||||||
|
files:
|
||||||
|
- secret.yaml
|
||||||
95
base/secret.yaml
Normal file
95
base/secret.yaml
Normal file
File diff suppressed because one or more lines are too long
Reference in a new issue