From 3c93493e3a75db002609ecd19b2e8f47a8c96043 Mon Sep 17 00:00:00 2001 From: "bunnings-bot[bot]" Date: Sun, 9 Jun 2024 09:02:59 +1000 Subject: [PATCH] move ext sec to sec ns --- .../external-secrets/app/helmrelease.yaml | 2 +- .../external-secrets/app/kustomization.yaml | 2 +- .../external-secrets/ks.yaml | 8 ++++---- .../stores/1password/clustersecretstore.yaml | 6 +++--- .../stores/1password/helmrelease.yaml | 4 ++-- .../stores/1password/kustomization.yaml | 2 +- .../stores/1password/secret.sops.yaml | 16 ++++++++-------- .../external-secrets/stores/kustomization.yaml | 2 +- 8 files changed, 21 insertions(+), 21 deletions(-) rename kubernetes/apps/{kube-system => security}/external-secrets/app/helmrelease.yaml (95%) rename kubernetes/apps/{kube-system => security}/external-secrets/app/kustomization.yaml (81%) rename kubernetes/apps/{kube-system => security}/external-secrets/ks.yaml (80%) rename kubernetes/apps/{kube-system => security}/external-secrets/stores/1password/clustersecretstore.yaml (68%) rename kubernetes/apps/{kube-system => security}/external-secrets/stores/1password/helmrelease.yaml (90%) rename kubernetes/apps/{kube-system => security}/external-secrets/stores/1password/kustomization.yaml (87%) rename kubernetes/apps/{kube-system => security}/external-secrets/stores/1password/secret.sops.yaml (88%) rename kubernetes/apps/{kube-system => security}/external-secrets/stores/kustomization.yaml (80%) diff --git a/kubernetes/apps/kube-system/external-secrets/app/helmrelease.yaml b/kubernetes/apps/security/external-secrets/app/helmrelease.yaml similarity index 95% rename from kubernetes/apps/kube-system/external-secrets/app/helmrelease.yaml rename to kubernetes/apps/security/external-secrets/app/helmrelease.yaml index 88ee4860f..b40265e43 100644 --- a/kubernetes/apps/kube-system/external-secrets/app/helmrelease.yaml +++ b/kubernetes/apps/security/external-secrets/app/helmrelease.yaml @@ -3,7 +3,7 @@ apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: name: external-secrets - namespace: kube-system + namespace: security spec: interval: 30m timeout: 15m diff --git a/kubernetes/apps/kube-system/external-secrets/app/kustomization.yaml b/kubernetes/apps/security/external-secrets/app/kustomization.yaml similarity index 81% rename from kubernetes/apps/kube-system/external-secrets/app/kustomization.yaml rename to kubernetes/apps/security/external-secrets/app/kustomization.yaml index 1c3fdb04d..dbd58aaae 100644 --- a/kubernetes/apps/kube-system/external-secrets/app/kustomization.yaml +++ b/kubernetes/apps/security/external-secrets/app/kustomization.yaml @@ -1,6 +1,6 @@ --- apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: kube-system +namespace: security resources: - ./helmrelease.yaml diff --git a/kubernetes/apps/kube-system/external-secrets/ks.yaml b/kubernetes/apps/security/external-secrets/ks.yaml similarity index 80% rename from kubernetes/apps/kube-system/external-secrets/ks.yaml rename to kubernetes/apps/security/external-secrets/ks.yaml index 93201016a..abbd214cf 100644 --- a/kubernetes/apps/kube-system/external-secrets/ks.yaml +++ b/kubernetes/apps/security/external-secrets/ks.yaml @@ -5,11 +5,11 @@ metadata: name: &appname external-secrets namespace: flux-system spec: - targetNamespace: kube-system + targetNamespace: security commonMetadata: labels: app.kubernetes.io/name: *appname - path: ./kubernetes/apps/kube-system/external-secrets/app + path: ./kubernetes/apps/security/external-secrets/app prune: false sourceRef: kind: GitRepository @@ -25,13 +25,13 @@ metadata: name: &appname external-secrets-stores namespace: flux-system spec: - targetNamespace: kube-system + targetNamespace: security commonMetadata: labels: app.kubernetes.io/name: *appname dependsOn: - name: external-secrets - path: ./kubernetes/apps/kube-system/external-secrets/stores + path: ./kubernetes/apps/security/external-secrets/stores prune: false sourceRef: kind: GitRepository diff --git a/kubernetes/apps/kube-system/external-secrets/stores/1password/clustersecretstore.yaml b/kubernetes/apps/security/external-secrets/stores/1password/clustersecretstore.yaml similarity index 68% rename from kubernetes/apps/kube-system/external-secrets/stores/1password/clustersecretstore.yaml rename to kubernetes/apps/security/external-secrets/stores/1password/clustersecretstore.yaml index 1c7b37d8c..17dc847ff 100644 --- a/kubernetes/apps/kube-system/external-secrets/stores/1password/clustersecretstore.yaml +++ b/kubernetes/apps/security/external-secrets/stores/1password/clustersecretstore.yaml @@ -3,11 +3,11 @@ apiVersion: external-secrets.io/v1beta1 kind: ClusterSecretStore metadata: name: onepassword-connect - namespace: kube-system + namespace: security spec: provider: onepassword: - connectHost: http://onepassword-connect.kube-system.svc.cluster.local:8080 + connectHost: http://onepassword-connect.security.svc.cluster.local:8080 vaults: sc-secrets: 1 auth: @@ -15,4 +15,4 @@ spec: connectTokenSecretRef: name: onepassword-connect-secret key: token - namespace: kube-system + namespace: security diff --git a/kubernetes/apps/kube-system/external-secrets/stores/1password/helmrelease.yaml b/kubernetes/apps/security/external-secrets/stores/1password/helmrelease.yaml similarity index 90% rename from kubernetes/apps/kube-system/external-secrets/stores/1password/helmrelease.yaml rename to kubernetes/apps/security/external-secrets/stores/1password/helmrelease.yaml index 64bcb6653..20ba34bfe 100644 --- a/kubernetes/apps/kube-system/external-secrets/stores/1password/helmrelease.yaml +++ b/kubernetes/apps/security/external-secrets/stores/1password/helmrelease.yaml @@ -3,7 +3,7 @@ apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: name: onepassword-connect - namespace: kube-system + namespace: security spec: interval: 30m timeout: 15m @@ -16,7 +16,7 @@ spec: name: 1password-charts namespace: flux-system values: - namespace: kube-system + namespace: security connect: credentialsName: onepassword-connect-secret credentialsKey: 1password-credentials.json diff --git a/kubernetes/apps/kube-system/external-secrets/stores/1password/kustomization.yaml b/kubernetes/apps/security/external-secrets/stores/1password/kustomization.yaml similarity index 87% rename from kubernetes/apps/kube-system/external-secrets/stores/1password/kustomization.yaml rename to kubernetes/apps/security/external-secrets/stores/1password/kustomization.yaml index f325b3a94..f5ce01e9f 100644 --- a/kubernetes/apps/kube-system/external-secrets/stores/1password/kustomization.yaml +++ b/kubernetes/apps/security/external-secrets/stores/1password/kustomization.yaml @@ -1,7 +1,7 @@ --- apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: kube-system +namespace: security resources: - ./secret.sops.yaml - ./helmrelease.yaml diff --git a/kubernetes/apps/kube-system/external-secrets/stores/1password/secret.sops.yaml b/kubernetes/apps/security/external-secrets/stores/1password/secret.sops.yaml similarity index 88% rename from kubernetes/apps/kube-system/external-secrets/stores/1password/secret.sops.yaml rename to kubernetes/apps/security/external-secrets/stores/1password/secret.sops.yaml index 3c7424c04..22b427ea2 100644 --- a/kubernetes/apps/kube-system/external-secrets/stores/1password/secret.sops.yaml +++ b/kubernetes/apps/security/external-secrets/stores/1password/secret.sops.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: name: onepassword-connect-secret - namespace: kube-system + namespace: security stringData: 1password-credentials.json: ENC[AES256_GCM,data:/i2ByL+eX5evCHU5eIXbkbDfI6cp6MrAlcf9HP1IR+MKhUsUl8UDI13gKHbBSW+np2irt9h8NExrRAgKNOQJfPU79I/VRLnyuz9Z0nullP49gb6iiN8K97wqsKoNt3BG4aXKUabm9sZA+2COCn5MZL8v9/vdkbQ/68pInR6PHHRdcuLFZ77ZeHLSVyT7mjEy3Vb6N1azbxDme+Pv7sHsts0eM3bYlNZ1don2wdxRo8H1zC3tvu0aBBF789W1ardqwhdu2UdB8aiasewJvFcPJ/gOJW9e/NPqymyqR59iZBarO427g2kTVrH70qMJszKsAkxnXZuxTmsol5wR9cWdcM5rn9E79xigrGacZ4SNE8FAMNMj1kmPTt7mXh44G+no/Zj4JWATPGmMO2Cv/2swk0QUBy21PNF6moDlAFqcPjvqT+U2tRupScRd8BG/qOeKFUBDg8P53yZfC46gVOMq4HE3PPGdDWwe1PZ0uV6FIt38mxg0Haf7Iqzi+GQECXMUZaqoX1mdqA2Q9IplhMZZsX8PYYlq8krHqfl+zw8I2DjI63Mo07bf4iFkjMxFccnnn5UG+i4a9XSZJeSGMRUCD1VzRddhTzquWjKVSQtBbThtOecXNsL5kudoW7+KtyLuPHSceiycdwYtwpJ6lS/U+UzZTYgvp+TT8z4MNsDZ7HiUfaSuyj8J8QunC5vlx/QcmNhIYQaSLPM5rkPeVG5ldp/yc8bogFSM/sQx3MQFy6qXoonrOyjA3aylN+lQrNZhwqPCBBeOPpGqNteihOPwkRgApS3hO0WGF5/O6y/ztnQvFIHdXmER6Nn0n74889Tj/9GLVPoHKq6gM9txjC/0r7q7l8kXOV5X4fHBK6dnRnSqRuohjhLAkoH53c7jo1VT//mN05jBEuFhHnKPt43RnjIBV+FUshnbENju2k70fjT6yrf4dAvevaUrm6Qm1vZLAS5dZd4Fps8LBmhsVyZJZW/+VMLOxzgPWGH6UTCKncMc6uwcAHZdKb7mfS/LTeZ9wndW1lVNoAmWKk5sxTpwOxDPDBHQaroX/0beEnYVMXjpk5eyCfmy+Rq+WxfjglEwuEjBgW9niXNoIQjosb7H5RnWZb8UVMsBXPb4lXy9tmoz7Pz0r71iHumMu5oduDgyGNuTnFsC4tc6GbRuQabmQ5zLaHURq6ALNEOmyUMYTBLJ2SiKwG78mVpxY/rzlZbBXhgDNLZykJa+kmDFXQXFFVM55a2GwWqhiyVTE6bjp/EeMF8kLFBZ+6c/OvE2vJMsVuxKlQVrUoMeRGyqUrwRxLPyWN+TPTIXt2xjrPfNU6GDQHXZZ141YNC84GXPtkJFwIdsUw9a5ih8HTi+SwIy0OdZKyei0o+vyL5fD+ZVikM1n7OlHst/0+3CZx2qUTW4txpwogGri4/duMevIWwnqtdnctI1U8Y68UfXFXLH1s0DYh9nnprHfTZcbJq2eQYJDi4TjfooEzPaYO3rreVRvptsVQecVCPDksn9xxWLMVNJWECgeBp7uWO2gr+GUdp5JGq2W25Xu0au8HJESYknm1MeowZxZJ7UYp/Ri9Ad4Vmu/bnvTQsUKA5Z8AzkrleLojtmdv0Wzz/nr2qrXKtdu1vgqugfReVYn+nAoOfNxlJfb38XTUhVVt7AVdfkuwUH4NsAOktqJjhCgNPjjrL5r2kq36jIF190/2+K186/q3ZDqCzi85LdrMPmKMrTS6v9nPfa9baCWsw7G30cWUsgjSSEZyKFk5z6e/+b+UeW5ykUODXqDjArL74kYtAEpfb/v311QpY1/+M0hNGDelzYdInccv/3wbfoRlbaZtx+OlctmuLIU2HH2L39Y0QcrnuokF2B/umlw0HS8xsKJBHwg5vcfoh3BYBYc5Ud80tfpaRlXj1PGJPsHDdF1TRCqDXe0WEhpmLkUgfm3RCP,iv:DTaBUwRJw9RqUlzZ5w42GVL5tSdW9Ajb0r5rQph5TTQ=,tag:nX0NLkt+skQb6OvfU8+iUg==,type:str] token: ENC[AES256_GCM,data:tZh5HVKORV6bOlmPecoc/DTWH8sngxGfIzKRn8H2li013ZqHqTKota96XNswvr8Jn1tiIiXJTFjpeWzty7U8wbyskL9vFG80AULNjPxk8y2SMMr9ucLLmQRbnaOkInshgld49wVmtll3HabGPkGoupYmNisMKwo179n6a2ELttSZk0jhOKPHtIIy0PpH1/BxqpfFeYdv3i3vNQpPOJyHypGghhP3Qmz7PJKZbXmpyPAbuEpbnK9hMQAN2jbrJAZN14semRVD21mpdjwTzF6bA9gZ03A7I0j2vguZ6E91jc3u/1EA0i0OQaRqyLWjvTpo0APLoLRR7lW46XGsZxyWRFY52F/HDWfR6rVkJ9xM41ALk+OkzDPoBAHFHMntbUfDmcD8La/K9z1urT/Ic8LhTdS9KJnCc6fCGU+P73ZEAkedQnKB11XM8GxIEG363R15c+W9IGM3NNo+FzhBDcXZGH3eqfqnSFQyQuzHfyiMMsS2M0qtTkV0iHQOmwNikgLR4PYmlaOlrNBxRAgnOSyKyYxNsfSjR8pYBTRhvHPdvHVPLgCnQLy9Wk/kpBh8G3DLE3EGlYygBdiPryR0jeXpWDdm2MrW52Ca3Gtdsc1VpzbexgKOUg9NIFXIi7mmstbh3561RQInuy61t9pGXsuWLsXOu9nPZqCefjUgBuNKjq9rDAZ15Cnv8AaYexrRl3cJymC8veF28FKWj6hz95vN282OB5Np9AkncN8hqKAe3zrVxOXxCiT5MWHcLCYI7F9hOb6WRJ/fzvlwWijgn4T6e2bhh5pSXyzto0vv5JQlmSuB1nC082LxP6v67K7MtBoiqpqhKLcJn38y47yUrBomwSTuCQ==,iv:ZoSeyXi0TeQdnM7eQ9lldt+bqCwVpTOeQmZIWPYxixs=,tag:Pevm6SswQ3wWyV2e9eFvMQ==,type:str] @@ -14,13 +14,13 @@ sops: age: - recipient: age153gpfdw58csvgxj3vn9ym2g3zx7mfhaldyz5uvvrfajne8htj3asjqrp7h enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlaXJkelRRRUxySkFOZlZs - UTNnakhjcit4akhwYkdIUUJNdHJnWmh4bEE4CnBmWGd0N29jQ3RVVVBYL25yOWV3 - UEdjak0vWG1FdGNUemN2VFNiNVhUVHMKLS0tIE9vYkZiaUdCUFVCZUFlb3lBSDht - aVprSGo0Qlp6b294T1hPQmIwTS9UeWcKXKI9w4Na0HunR5EX+2gUhI4SzlCrYwtn - uw17ieNU3P14Syi3NbQTL4RC0rjO2r4ouL2yBnHB+1r96MbPSKldzQ== - -----END AGE ENCRYPTED FILE----- + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlaXJkelRRRUxySkFOZlZs + UTNnakhjcit4akhwYkdIUUJNdHJnWmh4bEE4CnBmWGd0N29jQ3RVVVBYL25yOWV3 + UEdjak0vWG1FdGNUemN2VFNiNVhUVHMKLS0tIE9vYkZiaUdCUFVCZUFlb3lBSDht + aVprSGo0Qlp6b294T1hPQmIwTS9UeWcKXKI9w4Na0HunR5EX+2gUhI4SzlCrYwtn + uw17ieNU3P14Syi3NbQTL4RC0rjO2r4ouL2yBnHB+1r96MbPSKldzQ== + -----END AGE ENCRYPTED FILE----- lastmodified: "2024-04-14T13:09:40Z" mac: ENC[AES256_GCM,data:eW0CmHUGsyuDR3t1/6StrVkPt8MikHq0Jpb/GyWRxaOXcOzIUYwNDHIeDQxDB+Zx3KQFeEHo2FcmeuCv9O0+YdC1+ft8GE5fmsk9AfzTtpwForjlKbVsvTVlaW/TmJrNtFyMlIp0D7S1WEEYoIRE7bTTKC6En6vyqXk7h++PfqM=,iv:5h3btZ/BJZXHcn19Wq8gFArAlo9nhzmes5FmfJT/KWc=,tag:vXXHbH6MzwGZzHXc1T+lQQ==,type:str] pgp: [] diff --git a/kubernetes/apps/kube-system/external-secrets/stores/kustomization.yaml b/kubernetes/apps/security/external-secrets/stores/kustomization.yaml similarity index 80% rename from kubernetes/apps/kube-system/external-secrets/stores/kustomization.yaml rename to kubernetes/apps/security/external-secrets/stores/kustomization.yaml index f65de3430..e8a7ebebb 100644 --- a/kubernetes/apps/kube-system/external-secrets/stores/kustomization.yaml +++ b/kubernetes/apps/security/external-secrets/stores/kustomization.yaml @@ -1,6 +1,6 @@ --- apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: kube-system +namespace: security resources: - ./1password