feat: migrate cert-manager to git-age
All checks were successful
Renovate / renovate (push) Successful in 22s

This commit is contained in:
Peter 2024-04-17 21:06:59 +02:00
parent f7a3fd3ba8
commit f80eb640c4
Signed by: prskr
GPG key ID: F56BED6903BC5E37
6 changed files with 4 additions and 50 deletions

1
.agerecipients Normal file
View file

@ -0,0 +1 @@
age17wmvafx76dechar4tne7gsv2tgpw3afsuck0jlfz03l5stnc3c9s2nww0z

1
cert-manager/.gitattributes vendored Normal file
View file

@ -0,0 +1 @@
**/secret.yaml filter=age diff=age merge=age -text

View file

@ -1,36 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: acme-dns-cloudflare
type: Opaque
stringData:
api-token: ENC[AES256_GCM,data:9PerD+nitxWGlaVCrvwrzSq4n6OXOWdoxwuvmgNCo5dwKby5MmWzgA==,iv:+IKQIFlB0wmfAXAeqVS21zXTdQgQW1382UdsV//QNc0=,tag:ET99pjX/39bZhmHRCnAzFw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age18e0w4jn03n66qwg8h3rjstz7g5zx2vhvz28aterkfkfetrxtpuysftp6we
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByK25WeGYzZVdFOUluczNa
YXdnZklod2RxZUo5UkJvcUJNVWIvQ0pSbUhZCnpJQVF0MEUwWG51RHUvOVFFMkg3
QmI3T2VDQ0k5L1p6dSt4b1dlczA1TmsKLS0tIC9OMlIyQjNHQU90TjdlSm9CWkIv
ODQ3b05TMENqZnU1NC8xUkx2YU5vRjAKAaRgVOWFkA8qmTPAwb5zsQqpZce+QOan
RaJAf/52GB83bk8iajcJMjpPsQLNc8Bc1BUeXZeJ8Q1eDpj/Ez4pLg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1yssdnqk90tn6zzggmwt70krndw04yfk9hwzdac3wsgfxmttngd7q89qzjr
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVbjNobXZVOEM0b09CQ1p5
c2RpUDNWTTVIVXh0aVRBTzNyOUxuVUNwUFVFCjQ0K0pvdlhlWTNqV2Vxa0Jjclc2
cDI3Z3JlV3hxaXptYlZrN1RROHBwM2cKLS0tIEJCZjRuSjVMcTlIUmhiSWk5NmRz
LzVyWGZ0em5RKytCWndjbjh6eWhNc1kK+2g/VLNIs2B62l5kZmkj561Fq0hpnvf0
L5p+Dyxlh8VjFVKXct6PzJ2Bg+mx+/MDFSZ2PXw9QUI+eNdznCutZg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-02-13T20:21:29Z"
mac: ENC[AES256_GCM,data:phMqQQ+gs0q2AZrnwzM7qybxcdaErWk5Q3bjXE1chekJQ5IsHoaDj7orzG0CAb1GD+Qa+/3QV9n2ggsT9w3zZGSjiMTttes3L3CVfJjOXC6WpzjxHnIM7xFA2uZsziIOXbU6nqZ8OtFfFfjbio8lt0OZj7W6HIdAnom6zIwUAbI=,iv:ueToOo0V+IBScXDTJnHPVKvx9O3/NHeTBDs344FseQ0=,tag:JNc9tr1LZx6LRRpcqNwJOA==,type:str]
pgp: []
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
version: 3.8.1

View file

@ -7,6 +7,7 @@ resources:
- crds/cert-manager.crds.yaml - crds/cert-manager.crds.yaml
- resources/letsencrypt-staging.yaml - resources/letsencrypt-staging.yaml
- resources/letsencrypt-production.yaml - resources/letsencrypt-production.yaml
- resources/secret.yaml
helmCharts: helmCharts:
- name: cert-manager - name: cert-manager
@ -17,6 +18,3 @@ helmCharts:
valuesFile: config/values.cert-manager.yaml valuesFile: config/values.cert-manager.yaml
apiVersions: apiVersions:
- "cert-manager.io/v1" - "cert-manager.io/v1"
generators:
- ./secret-generator.yaml

Binary file not shown.

View file

@ -1,10 +0,0 @@
apiVersion: viaduct.ai/v1
kind: ksops
metadata:
name: cert-manager-secret-generator
annotations:
config.kubernetes.io/function: |
exec:
path: ksops
files:
- ./config/acme-cloudflare-dns.yaml