dvirlabs/secrets-gitops
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: dvirlabs:fb5a9fe029ba77004f738c805447eeab50e68289
Branches Tags
dvirlabs:master
...
compare: dvirlabs:cc8617b404f45611858c245ee9d3a8a159abecd2
Branches Tags
dvirlabs:master

10 Commits
fb5a9fe029 ... cc8617b404

Author SHA1 Message Date
dvirlabs
cc8617b404 Comment cluster-secretstores app 2025-08-10 05:39:17 +03:00
dvirlabs
bbc7bcff48 Fix general-secrets and internal users 2025-07-24 04:17:13 +03:00
dvirlabs
6dc5ff4f67 Change the token for vault-oidc-clients 2025-07-24 04:15:23 +03:00
dvirlabs
db5e9891e1 Change the token for vault-oidc-clients 2025-07-24 04:14:24 +03:00
dvirlabs
88edbfa75e Create new ClusterSecretStore for general secrets 2025-05-25 04:27:42 +03:00
dvirlabs
ff45d73102 Fix duplicate apps 2025-05-23 07:10:07 +03:00
dvirlabs
d231509c97 Fix appset to uniqe name 2025-05-23 04:20:37 +03:00
dvirlabs
f68b049013 Add path for internal-users (app that not support oidc) 2025-05-23 02:13:28 +03:00
dvirlabs
d838aea292 Fix appset 2025-05-22 23:08:40 +03:00
dvirlabs
a4a11a8f8a Fix appset to deploy on dev-tools insted of monitoring 2025-05-22 21:38:25 +03:00
4 changed files with 64 additions and 34 deletions
Show Stats Expand all files Collapse all files

62
applicationsets/cluster-secretstores-appset.yaml
View File

@ -1,31 +1,31 @@
apiVersion: argoproj.io/v1alpha1 # apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet # kind: ApplicationSet
metadata: # metadata:
name: cluster-secretstores # name: cluster-secretstores
namespace: argocd # namespace: argocd
spec: # spec:
generators: # generators:
- git: # - git:
repoURL: https://git.dvirlabs.com/dvirlabs/secrets-gitops.git # repoURL: https://git.dvirlabs.com/dvirlabs/secrets-gitops.git
revision: master # revision: master
files: # files:
- path: cluster-secretstores/*.yaml # - path: cluster-secretstores/*.yaml
template: # template:
metadata: # metadata:
name: cluster-secretstore-{{path.basename}} # name: cluster-secretstore-{{path.filename}} # <-- FIXED
spec: # spec:
project: dev-tools # project: dev-tools
source: # source:
repoURL: https://git.dvirlabs.com/dvirlabs/secrets-gitops.git # repoURL: https://git.dvirlabs.com/dvirlabs/secrets-gitops.git
targetRevision: master # targetRevision: master
path: cluster-secretstores # path: cluster-secretstores
directory: # directory:
recurse: false # recurse: false
include: '{{path.basename}}.yaml' # include: '{{path.filename}}'
destination: # destination:
server: https://kubernetes.default.svc # server: https://kubernetes.default.svc
namespace: monitoring # namespace: dev-tools
syncPolicy: # syncPolicy:
automated: # automated:
prune: true # prune: true
selfHeal: true # selfHeal: true

15
cluster-secretstores/vault-general-secrets.yaml Normal file
View File

@ -0,0 +1,15 @@
apiVersion: external-secrets.io/v1beta1
kind: ClusterSecretStore
metadata:
name: vault-general-secrets
spec:
provider:
vault:
server: "http://vault.dev-tools.svc.cluster.local:8200"
path: "general-secrets"
version: "v2"
auth:
tokenSecretRef:
name: vault-eso-token
key: token
namespace: dev-tools

15
cluster-secretstores/vault-internal-users.yaml Normal file
View File

@ -0,0 +1,15 @@
apiVersion: external-secrets.io/v1beta1
kind: ClusterSecretStore
metadata:
name: vault-internal-users
spec:
provider:
vault:
server: "http://vault.dev-tools.svc.cluster.local:8200"
path: "internal-users"
version: "v2"
auth:
tokenSecretRef:
name: vault-eso-token
key: token
namespace: dev-tools

6
cluster-secretstores/vault-oidc-clients.yaml
View File

@ -6,10 +6,10 @@ spec:
provider: provider:
vault: vault:
server: "http://vault.dev-tools.svc.cluster.local:8200" server: "http://vault.dev-tools.svc.cluster.local:8200"
path: "oidc-cliets" path: "oidc-clients"
version: "v2" version: "v2"
auth: auth:
tokenSecretRef: tokenSecretRef:
name: vault-init name: vault-eso-token
key: root-token key: token
namespace: dev-tools namespace: dev-tools