infrastructure/apps
1
0
Fork 0
Code Issues Pull requests 5 Projects Releases Packages Wiki Activity Actions

chore: migrate coder to git-age
All checks were successful
Renovate / renovate (push) Successful in 19s
Details

Browse source
This commit is contained in:
Peter 2024-04-17 21:12:57 +02:00
parent f498d44a8b
commit 97ada5cb3b
Signed by: prskr
GPG key ID: F56BED6903BC5E37
5 changed files with 8 additions and 51 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
coder/.gitattributes vendored Normal file
View file

@ -0,0 +1 @@
**/secret.yaml filter=age diff=age merge=age -text

37
coder/config/secrets.enc.yml
View file

@ -1,37 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: coder-secrets
type: Opaque
stringData:
OIDC_CLIENT_ID: ENC[AES256_GCM,data:4KD0RPoRdY23wwkwqoXFloAl3VHQsaVJq46psw/tybCic+g6,iv:LQuY/nTVbD8J62Ia4QNRPQq+mP2BX5cOufIOpaqdjHk=,tag:2hB0sZ6fG/Mdi/Mxi123yw==,type:str]
OIDC_CLIENT_SECRET: ENC[AES256_GCM,data:8F2gjA8bMyh+g/MPppOtO8pGSvvjoNse2jPAYcH2vyfXNRNR2hn3OF56OkqAQUDgKh3mOMMIlOA=,iv:MSpf7TueXeJ9bJ9gMJAR7m97sbe/GG0GhIsDKOS8U5g=,tag:dJwpuxdG2tjEGSkoynstrg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age18e0w4jn03n66qwg8h3rjstz7g5zx2vhvz28aterkfkfetrxtpuysftp6we
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmNllWNkJSdm8rblRWQWY0
U05Bdkw4OUlhTmZTY2VPOXp3UStKMTZpTGpRCmlxRVFlREtuSG85Zk4vb2lIZm1H
SG9hTjc5bmppS0ZWNDVkajBHY2FlcnMKLS0tIGVPQTVHTktPbGVORys4Vk9pdEZp
ZnhvczRaK09YL0crK0hwYUllZXErSk0K23F5ItL9qHYbuNVuWGzpgaXMN5LNwc+n
LAtAoDwhsNhxNFTU+164rtjwHQ+NMp/xNIHiWMeOBz8zSkqCDAhxJg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1yssdnqk90tn6zzggmwt70krndw04yfk9hwzdac3wsgfxmttngd7q89qzjr
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwaU5ldHg2RjVqdUQxMysv
d05jaEFsMXF6QXNlZ2I0SjhGb2pEeHl2WXh3CmtZcG1WZXY3SnBBTTU2cFh6Z1Vo
RGd1OGt1cUhXc2VoUmJJaHJhRlQ1QVUKLS0tIEhscmZWU3Y2UFI2UVorbXVoQ2Yz
VElCdDBrcEt0amlJUmlldENtSjYyczQK8BueJyu/9pJSqa3eYT/bW705O+Wzd6OF
+COLZ8HmD6RFy6K+1uqRqy8ETfSqsaNC06ZdBtH3VKNPOk0ayAuWeg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-12-21T13:40:45Z"
mac: ENC[AES256_GCM,data:nxoSscCX6drScTysPpdPCwNBpJ7IFjIHEDsoVtsMaC2XufxBHNs5iZLv0vc/QfPK4xTRuEjWxhpFq/XiqTkcArpj/19PopKawa9JAKwSjK+9h83rvhK2r0j8QUmKpx9CfRS4uR2e/u2SCLyGtoAFsZD/nwQYFh3o3y0GfpCz3FE=,iv:V/j4zOf2D9SFSJsr7v8/IM8Sor+pJDL520vXSQUwW6w=,tag:lvNKkyw51qVM/j0WB987JA==,type:str]
pgp: []
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
version: 3.8.1

6
coder/kustomization.yaml
View file

@ -6,6 +6,7 @@ namespace: coder
resources:
- "resources/namespace.yaml"
- "resources/http_routes.yaml"
- "resources/secret.yaml"
helmCharts:
- name: coder
@ -14,7 +15,4 @@ helmCharts:
namespace: coder
version: "2.10.0"
valuesFile: config/values.coder.yml
skipTests: true
generators:
- ./secret-generator.yaml
skipTests: true

5
coder/resources/secret.yaml Normal file
View file

@ -0,0 +1,5 @@
age-encryption.org/v1
-> X25519 e7QN2SX0Cwxqlxs8lfyRUtizStuPdSALxGNfAx4dhHA
0FizyLJg4M3L9Upj/nobfiLx77LsevekMBrOAd1PphM
--- HirfSnnWW2oy1wWDRId2JzLbRkgTUWwHcHtsq9TLTEo
cQÕ¿Yœ<EFBFBD>âæ„ݳÌC_ZZmîºêW÷n챃ôI¾rd6•>Ç{ _<>áÊlKšd R*)Œmñn$µ£ò<C2A3>r<EFBFBD>L”Um²6Û šÌ‚ú§K¦=þE(˜ž<CB9C>¾“^zYÄ"i¡ÎS¢=L„Ÿñ O‡9>¿+t>4%iXT©E°6)ɸ:¯õ'J¡<4A>tùàÜÛcŸkUñ`rÔ§^$²”­Z«V'F£3U J-†¨g |úיÐZ~"èhŸpqdñ†¥'ë6·­ÜñH@|ðö Yr“ƒ¤»=𪼗¯aV¥%Ò¡ð¯Ü®kë€ä‚­<>D•?{ä

10
coder/secret-generator.yaml
View file

@ -1,10 +0,0 @@
apiVersion: viaduct.ai/v1
kind: ksops
metadata:
name: coder-secret-generator
annotations:
config.kubernetes.io/function: |
exec:
path: ksops
files:
- ./config/secrets.enc.yml