From c5c19c4c0f7ee7d329080b04ecbbf2c35a2e6867 Mon Sep 17 00:00:00 2001
From: Remy Moll <me@moll.re>
Date: Mon, 9 Oct 2023 15:22:46 +0200
Subject: [PATCH] add secrets for repo access

---
 README.md                                     |  2 +
 kluster-deployments/journal/application.yaml  | 14 ++++
 .../journal/deploymentreference.yaml          | 75 -------------------
 .../journal/repo.sealedsecret.yaml            | 26 +++++++
 kluster-deployments/kustomization.yaml        |  3 +-
 5 files changed, 44 insertions(+), 76 deletions(-)
 create mode 100644 README.md
 create mode 100644 kluster-deployments/journal/application.yaml
 delete mode 100644 kluster-deployments/journal/deploymentreference.yaml
 create mode 100644 kluster-deployments/journal/repo.sealedsecret.yaml

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..0b51c73
--- /dev/null
+++ b/README.md
@@ -0,0 +1,2 @@
+# Kluster setup and IaaC using argoCD
+
diff --git a/kluster-deployments/journal/application.yaml b/kluster-deployments/journal/application.yaml
new file mode 100644
index 0000000..3ecf6db
--- /dev/null
+++ b/kluster-deployments/journal/application.yaml
@@ -0,0 +1,14 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: journal-application
+  namespace: argocd
+spec:
+  project: default
+  source:
+    repoURL: ssh://git@git.kluster.moll.re:2222/remoll/journal-bot.git
+    targetRevision: HEAD
+    path: deployment
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: journal
diff --git a/kluster-deployments/journal/deploymentreference.yaml b/kluster-deployments/journal/deploymentreference.yaml
deleted file mode 100644
index 0dad838..0000000
--- a/kluster-deployments/journal/deploymentreference.yaml
+++ /dev/null
@@ -1,75 +0,0 @@
-apiVersion: source.toolkit.fluxcd.io/v1
-kind: GitRepository
-metadata:
-  name: journal-bot
-  namespace: flux-system
-spec:
-  interval: 1m0s
-  ref:
-    branch: main
-  secretRef:
-    name: journal-bot
-  timeout: 60s
-  url: ssh://git@git.kluster.moll.re:2222/remoll/journal-bot.git
----
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
-  name: journal-bot-kustomize
-  namespace: flux-system
-spec:
-  force: true
-  interval: 1m0s
-  path: ./deployment/overlays/main
-  prune: false
-  sourceRef:
-    kind: GitRepository
-    name: journal-bot
-
----
-apiVersion: image.toolkit.fluxcd.io/v1beta2
-kind: ImageRepository
-metadata:
-  name: journal-bot-registry
-  namespace: flux-system
-spec:
-  image: registry.hub.docker.com/mollre/journal-bot
-  interval: 15m
-
----
-apiVersion: image.toolkit.fluxcd.io/v1beta2
-kind: ImagePolicy
-metadata:
-  name: journal-bot-imagerange
-  namespace: flux-system
-spec:
-  imageRepositoryRef:
-    name: journal-bot-registry
-  policy:
-    semver:
-      range: 1.x.x
----
-apiVersion: image.toolkit.fluxcd.io/v1beta1
-kind: ImageUpdateAutomation
-metadata:
-  name: journal-bot-automation
-  namespace: flux-system
-spec:
-  interval: 30m
-  sourceRef:
-    kind: GitRepository
-    name: journal-bot
-  git:
-    checkout:
-      ref:
-        branch: main
-    commit:
-      author:
-        email: flux@moll.re
-        name: fluxcdbot
-      messageTemplate: '[CI SKIP] Bump {{range .Updated.Images}}{{println .}}{{end}}'
-    push:
-      branch: main
-  update:
-    path: ./deployment/base/deployment.yaml
-    strategy: Setters
\ No newline at end of file
diff --git a/kluster-deployments/journal/repo.sealedsecret.yaml b/kluster-deployments/journal/repo.sealedsecret.yaml
new file mode 100644
index 0000000..d2fa7fc
--- /dev/null
+++ b/kluster-deployments/journal/repo.sealedsecret.yaml
@@ -0,0 +1,26 @@
+{
+  "kind": "SealedSecret",
+  "apiVersion": "bitnami.com/v1alpha1",
+  "metadata": {
+    "name": "journal-repo",
+    "namespace": "argocd",
+    "creationTimestamp": null
+  },
+  "spec": {
+    "template": {
+      "metadata": {
+        "name": "journal-repo",
+        "namespace": "argocd",
+        "creationTimestamp": null,
+        "labels": {
+          "argocd.argoproj.io/secret-type": "repository"
+        }
+      }
+    },
+    "encryptedData": {
+      "sshPrivateKey": "AgBXAxyJk0OIXCUQ+bGEX7lj9sqUXHtsu6vflyQpv7USUl5y6WxbTDupwv7ewkqR7tir8fE5NqL6BlTSK1qvUP1L/Ba6jHBkA8r5Yz3QH73fjdjsMj12S/DUhSvN/aoSzwQBF+VW1MIoAhBwjh47DINes+Dbo9fvc9BcXzY5CS8+FcSrzNvh4Jh7u2bv9Xi9RswyeAWdvjRB2gPd1sDWk0yFEdz8d/wvQJ6SmB/+dhuB5RqdvnHtLCZf+wTDbyTyhKR+zUVmv0MhgremDFr+2KEUbWmi1KKhg1uZti7UHZ6KbssltHSMe0LstVQeuzjBBN1YLnc8AIKbCZBh7j7+UJ0ApEwiyA8uet54tjAjD/ai87tZW9fcMXqjlwf/xfB33m8UWZ/RsB2ipUhTMTPgmFrqQ5iK6rCFAHz8MbWy86CE97a7kYq+IwivtOJf5q87KVvfRLR1r/9LGHc0JWIYXaIsBaIakW6lJqeHTrvRfBsucf8b3DJTv6bhih8XZha5oWNx/d0HL21Y8wuxMJ2nM5KMJ5q4Kqor71cWbTqH2Eus/JaW5uU0qQQg6YvuCMc9STTESkm3pn8SJRM/4VLgC9taA2lpT6XykqrnegnxAan22/4FfVdHq4aTsL57KCyIxxb2s3Xg2x3EDRoI0bplMl7G2LAqRSKRQ0OVUEawizI9UFaJ/LLYZtoq61tdTvcNbp/V+w62N5g/4HVrwAElC17GyxpQQmTn+8e3eOU+Vp46VYQgA0g/p/OumJP24IGOCwa4qdLLsxiv8lVLbIDMYQ8sLQyieqOoCwgXSUqJRClT19K/JAaHbdLt5l5ZpGwD13hciaxPOZnSafqMXI/aDQfaWTknuQMtYR8wT2KW19w/x3YQzSU3ntEh9phVFLkMaPScB+rrX5b8QJNBWmsG8Waong8b0kz0gEG7QZCUMZdQqfSGxuBaADg4tJR8VVnSwRlIRw02SsqbL1zi4MQvTNl8l5C6dRU2bgJNj/r6IYKoNlUBtU8lxZ8yqaIDljcnsf/orYjNHLOoXMUamyQl2AZDf89vzYthobhpVlVZKOxA6mcCYjkYCBhVhZ8h+2SckrNnRcU8rajIAjWzKVnhvabAVmsF6cw00+QsgUMaWPb3PSiEwXy1xEhhM591F8AAhHYR4VyDDYUkKQS9UXAUnFJRCWRicGUfnzcvd4EAi0/2Kmz1trUIiCF1f3XTa75ynz4ifzciOU8IwCz/Xw0+vjb8aJ6LCll07Eed2sk=",
+      "type": "AgBHGEdzEMcn4m58AZwrO2ifFldHAVmtcccH9oh0NGZC5waVFPjD3mQs+OeMzkMQmaBSyOM9FhuYT3fTAZn/Kk68mFj/qhl3U9WQlMB8F5tW0bVVqGFCRJgwH0t74FZiOl7rbz/x5eJybBv2mBZf9slH/iDJo/NrM+EvoawY5+oo7WITUWDf61yM8TAyA9074Z6gdp7mpx4rmAqSd2eVOBA0BQOCnSwYwM4xLDtCbEA19U9fjywPr0FLI1s4iIc3xbR+OxbGh0ke/SHIxQ8C0MfLudfNRZazk7lZ2GISwm1LhePTYVTOeYYtkp03NOjvDidv8WSXRIGYci9gdoNtfa1SqS8h3wUTgMyyA5C2+3nnGXx7NExGlS1nExcfxa0Y+sR/Z9Nldk+UlhBNZP+BtE7yAokXbfKTXzLqLfLq9jRDLlBQlqGiGrklCuNIIS84h0DZtAiE17C7THpHZGDguhxlVnFxCsnyApCjYYE/lKk4zg2/UumktPzPdrwyRl0EZtYChgnCmwtRNfqE1sYUnU6sQI5cQLOrzUVm+RGut+XEqOp14d684fRYkMgqxUdpIvRsO4y8SlSrHq0g5Tu9N3ykrk+l2u1EDOW1tr+JryKMFvQxJrJ+iJlpdXUUc4rFn42PRhhFZ4+xclOl/HqFlSa9m3ycAj+1c+bHrpcymxUonfik6ggDZR7LOKP/0CANuvaUBdU=",
+      "url": "AgA6Zj3U6h+Qnx+RklbDHcYo+m7F+cSkdqAKeEv0/q2czxoiWZcnNywkFhsLd2JsUZCM2k7/0Z6jdiEKmO7y5Pu6En2KCOHpwVft2GZPrFIa516UUxi53+vJP9VrM7GOMJH77AFZ5OeLM7eFu85TIl9QXe8ZXQeuGdlr3aWNDWY0JPYHMgqJj3XEWv8ebzBTIW30rA2Yykg3Lvfxh1iY5oNf8hJ1XIUTeYler4yysWUQe6FchYVmnv35n54mLRkNeK9I/5anpJdE8aptptX1H0Ci/tYtGts68fKlhMzxnaOjfsw7xvoNOhWfaqoUyT/L8xQnAO7EZiblfJc6Pwvw3rCmdPpIUwTju5pqItvBDRn5TYMsGn7vrzM6ycluXbjpvcGnlM0FkHsekrjJUj+uhy6ZrSHr9pJCGDuxuYDeI0mPVcVpeJDZYB4EE3JBP1UsupoYl96anOGO13NN0+zJOl6oaRIRE3aVLsxaJwfujk9mnh3kyn2waPY2NEcYTn3b8gGMYFsrN9jT1j9edFEx67wG4Gy93EorQDPX5pp31TE37qcknRqqfY/VXu4zcT9aPqm26Ndwhy6fCTSZzt6NRDT7PqUmgcDTN1pJnAZV77/Bh+gAEDzrlClAMDWes/6Fo7iHqtiWQz/LAAWrUJoUrF/wFdZ4Lf7Q8jB4RgaKTegRK3gZeGt1Rp7ljzcFosx9Tfp7M4sWOnk28NhJeHJjp0/TwtnRZ1IQxaaAojlAOubOksXGOa8sojYuYqcE9TatTjvK6T55dSwDxM8="
+    }
+  }
+}
diff --git a/kluster-deployments/kustomization.yaml b/kluster-deployments/kustomization.yaml
index 85a93a9..d668ec8 100644
--- a/kluster-deployments/kustomization.yaml
+++ b/kluster-deployments/kustomization.yaml
@@ -5,4 +5,5 @@ namespace: argocd
 
 
 resources:
-  - whoami/application.yaml
+  - whoami/
+  - journal/