From 51f95240386acb146039a4634eb323eb75abb6ce Mon Sep 17 00:00:00 2001 From: David Landry Date: Sat, 25 May 2024 00:50:46 -0400 Subject: [PATCH] chore(test): test ksops --- .sops.yaml | 2 ++ apps/test/overlays/media/config.json | 11 ++++++++ apps/test/overlays/media/kustomization.yaml | 5 ++++ .../overlays/media/test-ksops-secret.enc.yaml | 28 +++++++++++++++++++ .../overlays/media/test-secret-generator.yaml | 10 +++++++ 5 files changed, 56 insertions(+) create mode 100644 apps/test/overlays/media/config.json create mode 100644 apps/test/overlays/media/kustomization.yaml create mode 100644 apps/test/overlays/media/test-ksops-secret.enc.yaml create mode 100644 apps/test/overlays/media/test-secret-generator.yaml diff --git a/.sops.yaml b/.sops.yaml index 7021297..de19ae7 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -1,2 +1,4 @@ creation_rules: - age: "age1y26vr5qt6th3wu92rnsgkqcpxxah3pqkqa4khcjjycm3kg40aqyqjgfzx9" + encrypted_regex: "^(data|stringData)$" + path_regex: .*\.enc\.ya?ml diff --git a/apps/test/overlays/media/config.json b/apps/test/overlays/media/config.json new file mode 100644 index 0000000..fad61e6 --- /dev/null +++ b/apps/test/overlays/media/config.json @@ -0,0 +1,11 @@ +{ + "appName": "test-ksops", + "userGivenName": "test-ksops", + "destNamespace": "test-app", + "destServer": "https://kubernetes.default.svc", + "srcPath": "apps/test/overlays/media", + "srcRepoURL": "ssh://git@gitea-ssh.gitops.svc.cluster.local:2222/davad/argo.git", + "srcTargetRevision": "", + "labels": null, + "annotations": null +} diff --git a/apps/test/overlays/media/kustomization.yaml b/apps/test/overlays/media/kustomization.yaml new file mode 100644 index 0000000..13bb01b --- /dev/null +++ b/apps/test/overlays/media/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +generators: + - ./test-secret-generator.yaml diff --git a/apps/test/overlays/media/test-ksops-secret.enc.yaml b/apps/test/overlays/media/test-ksops-secret.enc.yaml new file mode 100644 index 0000000..701d3aa --- /dev/null +++ b/apps/test/overlays/media/test-ksops-secret.enc.yaml @@ -0,0 +1,28 @@ +apiVersion: v1 +kind: Secret +metadata: + name: mysecret +type: Opaque +data: + username: ENC[AES256_GCM,data:I9Ycihk1YoA=,iv:Jl+89YBwaL4Blq3Ggg0WHu9VpAGnO8An630KMKpomhA=,tag:DjqzVZt8vRJs6wjB3TXZ+w==,type:str] + password: ENC[AES256_GCM,data:iJEcDhRqdK5hJHdcUCvC9A==,iv:ON8b4Ufil5zGK5vQDGydloUkPd6QLjbYB6h9/ht3WJ0=,tag:D+QXoj3tXUDe0uyI45KWwA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1y26vr5qt6th3wu92rnsgkqcpxxah3pqkqa4khcjjycm3kg40aqyqjgfzx9 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYQUx3eFB2K1k0MTJmeEJS + SDl0MWI2eHpaYVFwSjRpRWVNT25SUG83cGdzClBhOXREVjFPWVE5MDl2R2pxOXV5 + MUxJckJvMWpyWXdyR2MxdW93ZzRzbk0KLS0tIGlJSk9scWJKc2JOWUh0VWlmR0wz + aVFFOVNLdmhqdEc5Q2xCYk9BOUR5T3cKAZPxzBW+DapiT1y5DsZEeYrCkfRPGMRm + 7PU947KRexiATcI4zqvujSDQr5PQUiSpfx71ua78Yxnjs9IcUqD2Ag== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-05-25T04:50:12Z" + mac: ENC[AES256_GCM,data:tR3pUCpsycy11ZyZXKpvvx6al9WNHQFOrq+R2QByW/laqflIaIvDd6qhlFh8bqam8wwnDaEteB6D2przguDMBbTzUgRnn50BYlDPR1M9/KCIUov9e55Z+fGGSEg5hC2VMQ5rxBBDj84RE7nL+M9d1Szo0wLGRWS4AmqmTYMnjVo=,iv:+f4iqjJ/sHIkoPsYY0x1JYAdtSuDomiTCGE7Wfp2Um0=,tag:4yW006uiF5QqAlt58rtEEw==,type:str] + pgp: [] + encrypted_regex: ^(data|stringData)$ + version: 3.8.1 diff --git a/apps/test/overlays/media/test-secret-generator.yaml b/apps/test/overlays/media/test-secret-generator.yaml new file mode 100644 index 0000000..a0504b0 --- /dev/null +++ b/apps/test/overlays/media/test-secret-generator.yaml @@ -0,0 +1,10 @@ +apiVersion: viaduct.ai/v1 +kind: ksops +metadata: + name: secret-generator + annotations: + config.kubernetes.io/function: | + exec: + path: ksops +files: + - ./test-ksops-secret.enc.yaml