add secrets for repo access

This commit is contained in:
Remy Moll 2023-10-09 15:22:46 +02:00
parent 39a939fe22
commit c5c19c4c0f
5 changed files with 44 additions and 76 deletions

2
README.md Normal file
View File

@ -0,0 +1,2 @@
# Kluster setup and IaaC using argoCD

View File

@ -0,0 +1,14 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: journal-application
namespace: argocd
spec:
project: default
source:
repoURL: ssh://git@git.kluster.moll.re:2222/remoll/journal-bot.git
targetRevision: HEAD
path: deployment
destination:
server: https://kubernetes.default.svc
namespace: journal

View File

@ -1,75 +0,0 @@
apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
name: journal-bot
namespace: flux-system
spec:
interval: 1m0s
ref:
branch: main
secretRef:
name: journal-bot
timeout: 60s
url: ssh://git@git.kluster.moll.re:2222/remoll/journal-bot.git
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: journal-bot-kustomize
namespace: flux-system
spec:
force: true
interval: 1m0s
path: ./deployment/overlays/main
prune: false
sourceRef:
kind: GitRepository
name: journal-bot
---
apiVersion: image.toolkit.fluxcd.io/v1beta2
kind: ImageRepository
metadata:
name: journal-bot-registry
namespace: flux-system
spec:
image: registry.hub.docker.com/mollre/journal-bot
interval: 15m
---
apiVersion: image.toolkit.fluxcd.io/v1beta2
kind: ImagePolicy
metadata:
name: journal-bot-imagerange
namespace: flux-system
spec:
imageRepositoryRef:
name: journal-bot-registry
policy:
semver:
range: 1.x.x
---
apiVersion: image.toolkit.fluxcd.io/v1beta1
kind: ImageUpdateAutomation
metadata:
name: journal-bot-automation
namespace: flux-system
spec:
interval: 30m
sourceRef:
kind: GitRepository
name: journal-bot
git:
checkout:
ref:
branch: main
commit:
author:
email: flux@moll.re
name: fluxcdbot
messageTemplate: '[CI SKIP] Bump {{range .Updated.Images}}{{println .}}{{end}}'
push:
branch: main
update:
path: ./deployment/base/deployment.yaml
strategy: Setters

View File

@ -0,0 +1,26 @@
{
"kind": "SealedSecret",
"apiVersion": "bitnami.com/v1alpha1",
"metadata": {
"name": "journal-repo",
"namespace": "argocd",
"creationTimestamp": null
},
"spec": {
"template": {
"metadata": {
"name": "journal-repo",
"namespace": "argocd",
"creationTimestamp": null,
"labels": {
"argocd.argoproj.io/secret-type": "repository"
}
}
},
"encryptedData": {
"sshPrivateKey": "AgBXAxyJk0OIXCUQ+bGEX7lj9sqUXHtsu6vflyQpv7USUl5y6WxbTDupwv7ewkqR7tir8fE5NqL6BlTSK1qvUP1L/Ba6jHBkA8r5Yz3QH73fjdjsMj12S/DUhSvN/aoSzwQBF+VW1MIoAhBwjh47DINes+Dbo9fvc9BcXzY5CS8+FcSrzNvh4Jh7u2bv9Xi9RswyeAWdvjRB2gPd1sDWk0yFEdz8d/wvQJ6SmB/+dhuB5RqdvnHtLCZf+wTDbyTyhKR+zUVmv0MhgremDFr+2KEUbWmi1KKhg1uZti7UHZ6KbssltHSMe0LstVQeuzjBBN1YLnc8AIKbCZBh7j7+UJ0ApEwiyA8uet54tjAjD/ai87tZW9fcMXqjlwf/xfB33m8UWZ/RsB2ipUhTMTPgmFrqQ5iK6rCFAHz8MbWy86CE97a7kYq+IwivtOJf5q87KVvfRLR1r/9LGHc0JWIYXaIsBaIakW6lJqeHTrvRfBsucf8b3DJTv6bhih8XZha5oWNx/d0HL21Y8wuxMJ2nM5KMJ5q4Kqor71cWbTqH2Eus/JaW5uU0qQQg6YvuCMc9STTESkm3pn8SJRM/4VLgC9taA2lpT6XykqrnegnxAan22/4FfVdHq4aTsL57KCyIxxb2s3Xg2x3EDRoI0bplMl7G2LAqRSKRQ0OVUEawizI9UFaJ/LLYZtoq61tdTvcNbp/V+w62N5g/4HVrwAElC17GyxpQQmTn+8e3eOU+Vp46VYQgA0g/p/OumJP24IGOCwa4qdLLsxiv8lVLbIDMYQ8sLQyieqOoCwgXSUqJRClT19K/JAaHbdLt5l5ZpGwD13hciaxPOZnSafqMXI/aDQfaWTknuQMtYR8wT2KW19w/x3YQzSU3ntEh9phVFLkMaPScB+rrX5b8QJNBWmsG8Waong8b0kz0gEG7QZCUMZdQqfSGxuBaADg4tJR8VVnSwRlIRw02SsqbL1zi4MQvTNl8l5C6dRU2bgJNj/r6IYKoNlUBtU8lxZ8yqaIDljcnsf/orYjNHLOoXMUamyQl2AZDf89vzYthobhpVlVZKOxA6mcCYjkYCBhVhZ8h+2SckrNnRcU8rajIAjWzKVnhvabAVmsF6cw00+QsgUMaWPb3PSiEwXy1xEhhM591F8AAhHYR4VyDDYUkKQS9UXAUnFJRCWRicGUfnzcvd4EAi0/2Kmz1trUIiCF1f3XTa75ynz4ifzciOU8IwCz/Xw0+vjb8aJ6LCll07Eed2sk=",
"type": "AgBHGEdzEMcn4m58AZwrO2ifFldHAVmtcccH9oh0NGZC5waVFPjD3mQs+OeMzkMQmaBSyOM9FhuYT3fTAZn/Kk68mFj/qhl3U9WQlMB8F5tW0bVVqGFCRJgwH0t74FZiOl7rbz/x5eJybBv2mBZf9slH/iDJo/NrM+EvoawY5+oo7WITUWDf61yM8TAyA9074Z6gdp7mpx4rmAqSd2eVOBA0BQOCnSwYwM4xLDtCbEA19U9fjywPr0FLI1s4iIc3xbR+OxbGh0ke/SHIxQ8C0MfLudfNRZazk7lZ2GISwm1LhePTYVTOeYYtkp03NOjvDidv8WSXRIGYci9gdoNtfa1SqS8h3wUTgMyyA5C2+3nnGXx7NExGlS1nExcfxa0Y+sR/Z9Nldk+UlhBNZP+BtE7yAokXbfKTXzLqLfLq9jRDLlBQlqGiGrklCuNIIS84h0DZtAiE17C7THpHZGDguhxlVnFxCsnyApCjYYE/lKk4zg2/UumktPzPdrwyRl0EZtYChgnCmwtRNfqE1sYUnU6sQI5cQLOrzUVm+RGut+XEqOp14d684fRYkMgqxUdpIvRsO4y8SlSrHq0g5Tu9N3ykrk+l2u1EDOW1tr+JryKMFvQxJrJ+iJlpdXUUc4rFn42PRhhFZ4+xclOl/HqFlSa9m3ycAj+1c+bHrpcymxUonfik6ggDZR7LOKP/0CANuvaUBdU=",
"url": "AgA6Zj3U6h+Qnx+RklbDHcYo+m7F+cSkdqAKeEv0/q2czxoiWZcnNywkFhsLd2JsUZCM2k7/0Z6jdiEKmO7y5Pu6En2KCOHpwVft2GZPrFIa516UUxi53+vJP9VrM7GOMJH77AFZ5OeLM7eFu85TIl9QXe8ZXQeuGdlr3aWNDWY0JPYHMgqJj3XEWv8ebzBTIW30rA2Yykg3Lvfxh1iY5oNf8hJ1XIUTeYler4yysWUQe6FchYVmnv35n54mLRkNeK9I/5anpJdE8aptptX1H0Ci/tYtGts68fKlhMzxnaOjfsw7xvoNOhWfaqoUyT/L8xQnAO7EZiblfJc6Pwvw3rCmdPpIUwTju5pqItvBDRn5TYMsGn7vrzM6ycluXbjpvcGnlM0FkHsekrjJUj+uhy6ZrSHr9pJCGDuxuYDeI0mPVcVpeJDZYB4EE3JBP1UsupoYl96anOGO13NN0+zJOl6oaRIRE3aVLsxaJwfujk9mnh3kyn2waPY2NEcYTn3b8gGMYFsrN9jT1j9edFEx67wG4Gy93EorQDPX5pp31TE37qcknRqqfY/VXu4zcT9aPqm26Ndwhy6fCTSZzt6NRDT7PqUmgcDTN1pJnAZV77/Bh+gAEDzrlClAMDWes/6Fo7iHqtiWQz/LAAWrUJoUrF/wFdZ4Lf7Q8jB4RgaKTegRK3gZeGt1Rp7ljzcFosx9Tfp7M4sWOnk28NhJeHJjp0/TwtnRZ1IQxaaAojlAOubOksXGOa8sojYuYqcE9TatTjvK6T55dSwDxM8="
}
}
}

View File

@ -5,4 +5,5 @@ namespace: argocd
resources:
- whoami/application.yaml
- whoami/
- journal/