shpaq/auricom-home-cluster
1
0
Fork 0
mirror of https://github.com/auricom/home-cluster.git synced 2025-09-17 18:24:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

🔐 weaveworks secrets

Browse Source
This commit is contained in:
auricom
2023-09-14 13:46:43 +02:00
parent 0c193d4f53
commit 608837d803
6 changed files with 26 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
kubernetes/apps/flux-system/addons/notifications/github/externalsecret.yaml Normal file
View File

@@ -0,0 +1,20 @@
# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: flux
namespace: flux-system
spec:
secretStoreRef:
kind: ClusterSecretStore
name: onepassword-connect
target:
name: github-notification-token
creationPolicy: Owner
template:
engineVersion: v2
data:
token: '{{ .GITHUB_NOTIFICATION_WEBHOOK_TOKEN }}'
dataFrom:
- extract:
key: weaveworks

2
kubernetes/apps/flux-system/addons/notifications/github/kustomization.yaml
View File

@@ -3,5 +3,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1 apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization kind: Kustomization
resources: resources:
- ./externalsecret.yaml
- ./notification.yaml - ./notification.yaml
- ./secret.sops.yaml

2
kubernetes/apps/flux-system/addons/notifications/github/notification.yaml
View File

@@ -9,7 +9,7 @@ spec:
type: github type: github
address: https://github.com/auricom/home-ops address: https://github.com/auricom/home-ops
secretRef: secretRef:
name: github-token name: github-notification-token
--- ---
# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/alert_v1beta2.json # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/alert_v1beta2.json
apiVersion: notification.toolkit.fluxcd.io/v1beta1 apiVersion: notification.toolkit.fluxcd.io/v1beta1

28
kubernetes/apps/flux-system/addons/notifications/github/secret.sops.yaml
View File

@@ -1,28 +0,0 @@
# yamllint disable
apiVersion: v1
kind: Secret
metadata:
name: github-token
namespace: flux-system
stringData:
token: ENC[AES256_GCM,data:MijeX3Zk62v/9zLNbXCRKv/qCcW60y6doQeMwVbGEEgd1x2GK0M5Sg==,iv:5dRwHdb40jD/hyNow9iZco4WglmzcbSEOTN0iI3kHyc=,tag:+mBUypMeV1rvh9HsxyTkMw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1hhurqwmfvl9m3vh3hk8urulfzcdsrep2ax2neazqt435yhpamu3qj20asg
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpQ0wxZy9rTERQZzRhVkJQ
azZDZ3dxMzZMTGovQWhSNHFiblB0OGRFRnhrCjZFRTVXaWNoSHF3VnRJNE1vRVhi
Sm92RWtVOFZWQldiaER2TnBXcldTclkKLS0tIDk5bkNwem5SOE14T3VKWTdISzMr
c0xvS1hoZ2ZUbyswUDJmWTQ5cUJIL00KOzoh9t/QtMJ3DXzagZNz5MbuqK8mtx2N
apAGT2tSzS9e2Pl8OruH57SGs972wHJQ9pnIHdbzhHkviIChUVApmg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2022-09-12T22:06:51Z"
mac: ENC[AES256_GCM,data:HNY3DtP5mX1ivOOnuv8hBnKhQIXiH7NLLiRh7rloHNMhq5NY1a1BnaS7FMhUq3vxcE9XMgvG7A/gLKI3diezS779vaiSrpnHS3cbb45J0hGB1bqOrkhAV+BQgOiPL6hrv2ouA2VK1VOin9z7kBzXCIOh9UnZmNi0H/Qy6e/45X4=,iv:5fbAnwGoKAYFcFhf5Di6epWvNZgwyX71QJQSN/Krt/k=,tag:Mu+KOOea1XkYJtO1HawxPA==,type:str]
pgp: []
encrypted_regex: ^(data|stringData)$
version: 3.7.3

4
kubernetes/apps/flux-system/addons/webhooks/github/externalsecret.yaml
View File

@@ -15,7 +15,7 @@ spec:
template: template:
engineVersion: v2 engineVersion: v2
data: data:
token: "{{ .GITHUB_WEBHOOK_TOKEN }}" token: "{{ .GITHUB_SYNC_WEBHOOK_TOKEN }}"
dataFrom: dataFrom:
- extract: - extract:
key: flux key: weaveworks

4
kubernetes/apps/flux-system/weave-gitops/app/externalsecret.yaml
View File

@@ -15,7 +15,7 @@ spec:
template: template:
engineVersion: v2 engineVersion: v2
data: data:
adminPassword: "{{ .WEAVE_GITOPS_ADMIN_PASSWORD }}" adminPassword: "{{ .password }}"
dataFrom: dataFrom:
- extract: - extract:
key: flux key: weaveworks