From ae7f916ec5915f8023b9fc1f446c5fd73e2c2572 Mon Sep 17 00:00:00 2001 From: friedrich goerz Date: Fri, 18 Nov 2022 17:00:59 +0100 Subject: [PATCH] DEV-669: created argo app tiles for each mobene-stage(namespace) + minio tenant created successfully on NSODEV; moving on --- argo_apps/mobene_cusprod.yaml | 22 ++++++ argo_apps/mobene_cusqa.yaml | 22 ++++++ argo_apps/mobene_nsodev.yaml | 4 +- secrets_cusprod.yaml | 130 ++++++++++++++++++++++++++++++++++ secrets_cusqa.yaml | 130 ++++++++++++++++++++++++++++++++++ secrets_nsodev.yaml | 9 +-- values_cusprod.yaml | 58 +++++++++++++++ values_cusqa.yaml | 58 +++++++++++++++ values_nsodev.yaml | 6 -- 9 files changed, 425 insertions(+), 14 deletions(-) create mode 100644 argo_apps/mobene_cusprod.yaml create mode 100644 argo_apps/mobene_cusqa.yaml diff --git a/argo_apps/mobene_cusprod.yaml b/argo_apps/mobene_cusprod.yaml new file mode 100644 index 0000000..55bf143 --- /dev/null +++ b/argo_apps/mobene_cusprod.yaml @@ -0,0 +1,22 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: cusprod + namespace: argo-cd +spec: + destination: + namespace: mobene-cusprod + server: https://kubernetes.default.svc + project: mobene + source: + helm: + valueFiles: + - values_cusprod.yaml + - secrets+gpg-import-kubernetes://argo-cd/sops-gpg#gpg_key_smardigo_automation__private?secrets_cusprod.yaml + path: . + repoURL: https://prodnso-gitea-01.smardigo.digital/argocd/prodwork01-mobene-deployment.git + targetRevision: main + syncPolicy: + automated: + prune: true + selfHeal: true diff --git a/argo_apps/mobene_cusqa.yaml b/argo_apps/mobene_cusqa.yaml new file mode 100644 index 0000000..62f5ed2 --- /dev/null +++ b/argo_apps/mobene_cusqa.yaml @@ -0,0 +1,22 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: cusqa + namespace: argo-cd +spec: + destination: + namespace: mobene-cusqa + server: https://kubernetes.default.svc + project: mobene + source: + helm: + valueFiles: + - values_cusqa.yaml + - secrets+gpg-import-kubernetes://argo-cd/sops-gpg#gpg_key_smardigo_automation__private?secrets_cusqa.yaml + path: . + repoURL: https://prodnso-gitea-01.smardigo.digital/argocd/prodwork01-mobene-deployment.git + targetRevision: main + syncPolicy: + automated: + prune: true + selfHeal: true diff --git a/argo_apps/mobene_nsodev.yaml b/argo_apps/mobene_nsodev.yaml index 174c010..31f2c37 100644 --- a/argo_apps/mobene_nsodev.yaml +++ b/argo_apps/mobene_nsodev.yaml @@ -17,4 +17,6 @@ spec: repoURL: https://prodnso-gitea-01.smardigo.digital/argocd/prodwork01-mobene-deployment.git targetRevision: main syncPolicy: - automated: {} + automated: + prune: true + selfHeal: true diff --git a/secrets_cusprod.yaml b/secrets_cusprod.yaml index e69de29..b4c75e2 100644 --- a/secrets_cusprod.yaml +++ b/secrets_cusprod.yaml @@ -0,0 +1,130 @@ +minio_tenant_users: + - name: ENC[AES256_GCM,data:X15qICk=,iv:5EpmHPtW4FOuFqZZU7VXKlsR71orzBYRfdIxr8xXQm4=,tag:91dVv1s00AK8VFNTATUzeQ==,type:str] + password: ENC[AES256_GCM,data:THTVbrn6HLngv7mhsFSEmoFB0YUmaMPfKw==,iv:ZmBZgIO0qPoSFIFIEQmozhrY5yF/Sg6YeOU+5GLFqIQ=,tag:e0XYw2D/PNZuUr5L8oxcEw==,type:str] + - name: ENC[AES256_GCM,data:aLyrzNc=,iv:jYGelq5mYYEdzya7fi/OjiA94CsIbT/9q+gZbMUJjUA=,tag:gRQhR/uApF8K1GIHjpMj7A==,type:str] + password: ENC[AES256_GCM,data:Er8zIBDJvBK8LCAyL+4W49Ln8qwOJXKuVQ==,iv:ZhVXPF0rFt99F70fp0MbYirTiKtz+DtpzQm2Lbw08hc=,tag:53nDiU04UiZBT5JpK+8xxA==,type:str] +tenant: + secrets: + name: ENC[AES256_GCM,data:5dd6Vk+tz4uMK3JW,iv:nkSAQrepp5FyeYGFSnDMjGDTKKjy8f1zqb9Uyi32vnw=,tag:csTFLOG3Ef82uRdaSj2lOg==,type:str] + accessKey: ENC[AES256_GCM,data:nmracSI=,iv:XoLDt6xCh1X4T2X8I0teI28TbmcedtxZ/kN/WkM6Ueg=,tag:rVS2m5ypuYyrouFDz3jMtg==,type:str] + secretKey: ENC[AES256_GCM,data:EzAwi9EuKi2isn2oaLSG/OgzSwXw/6OnKQ==,iv:4ZcHPlE5868vILswMwOGA2w6B79VBvaP7CkGt+ndSos=,tag:rZFN9VNWj4HKo9U415G4QA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2022-11-18T15:58:05Z" + mac: ENC[AES256_GCM,data:wWspw3PCdFAqTcY5OSfLHDwZZ8oqhz/hMHbdVVNB+Mszzh4+fpL6tYJtO7CA38nmwGpOMJ+o0Cp9fe7z7FQLtF62ba5qQirMwBkd8dCW9X2Xs3ua1wJlLR4cMmC3kkfg7BXkw6xtNOpGZgixQ7QcJwEf1DDSBgLSxl9uJzTttIE=,iv:Q53aEO+0fMDTEMyTv5LZZndkCxgMxPTedwg9NpFBsHo=,tag:PxAy+Q2H2FouCTyxg8eCgQ==,type:str] + pgp: + - created_at: "2022-11-18T15:58:05Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA911WKxzIy2nAQ//cxPlVDG/XijWbairSnMRT3Ifjrkn3tDqCUlytZMzhitM + gfxcBYpbPTRt1CbMIogEKnyQ5CNRdHvEKnl/gArVKW5gyLw0x3qvuqyFbN+CVZF8 + Sw5oKuFDHN2NobfrMTHvUcC8CV+dPit1okBzSnWMeURBYEmBoYhNEFMRQZOvYNju + Pi55Kwr0GKyoeD2Wu6L1atYeJyJ75wjs0DnlMG5v6kC7W6C8YqJOiRQmGughIUfR + UxCMIhzOvYdBh4/fVE9argBTMHOV0vFfadEg2d0yzeM8Pt6oOXFDXoxQpYeXBJ2W + falFY04dilKRtN6f13d+RjIqYTmz8a7Ktfn4GrkzLG3ri7idT6IUotuUzi/5MN4U + WKu0CoehJL9r3+soODGWmPCxn3sVOsHp0JKuOcS0rMRdcmv/B2mkU4ezzZrHqTlo + wf3ZRdc6o/AjEAzRAqrsCrnK6Nw5j1qIyqDEbf27hl5T7mQbQjguR3/TeZq8O4Gj + kcOnCKuE9UPWjEYzufqQmLtoiNHt6Rf+Rld14Ikffo4DEMG6ElhEgBDsZdGXX7tS + QbZ69essTi94ZVHiB+jsuYsMjzXdJkOZeSht7dHpuA1/JHMCU974CrJ0kcdoRa0o + 9HAiSiIPMetFp9gg8FzqdLib0McCSmTKJGjdFST9Bbd30ugz2jDySGb6NT5fyXfS + XgGki7+FVFRjhlcMIgywZ4Gh8ggtBuedeyN62woyuuo9ICzHEjSyqeWWncC4moAt + f3ltrqod2LHSjZHqFFmF60MhA0KDuEfuaNOP+Xu9XBbLCafnNLbZ5+58vGx7JRk= + =VWkU + -----END PGP MESSAGE----- + fp: E5B4FE1E0209DFFE320D2A2E47087747D89B72EC + - created_at: "2022-11-18T15:58:05Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA4Npij8bx0m7AQ//etA3YXkD0Oju+5aXkj5BJULxOlkMr7UbJP0GgvIJunZE + 1lCJPJQAunOHxWoZsbbH1YIIYQ3DbLqOnWhgXXHIfqkWPDsdDxh6UwMRStAnwupr + rede/bWudIBr4hqYGr24z5mfR94VUFTFQnws0tzsmXLKCpJt3BGfdjI4r1wuJlId + yrxgPccvK/KrJZkTIENHTawUu6VtyOB+LgfZf7ywDb8D5l8BjzHW2t7dX/RFt867 + oEDgcpc9LIlsK0XkG8p7H0oP80hqNpaCAE9ihNKcwO4Ii1i5ux38/D6aO/WWyLUW + 6rSIswIj06Pu6UavpyJva9KWGqlcVDMl29hs1fVFe5wwvcGYYdhSvF7YIm/noBzd + SNwrop2Ds0ID1JMnaSOBVvysmgfn8WYNs8hQZ+1eQ3vjbNIK8Y8RlW9JyRT3rSiA + ox5NgUZEYAi7mI1pxUIxiSiERahbmQeiElLLBTe5LzNVQTzdglLsmDjzrdCFIBQw + KZmLzV/lpvbCWLPIghFCa2yYYF9hJEicgKjYtTKX/Wp+y7eN56HJxVrDQQDMFbzr + 2aGfO/J2SlkscY3G4K+p98R8PGKsF0GxdI0IUXPqf/7CX2eQnDDRE9s2yqUCxKYe + vEjhc+5QGi6Yt99gqffD8TEAZkcrRSICdfpxdNw3dX3sV3CxndvX+UF8YUVutTvS + XgFLGdriX3g1MpwXc3qwH5q/6BFvrjdWV1bvdZl3b2X1PhapM6l89+E/B5kwB6M+ + Rv/e8xSsVCRczNoyYL0VUHOgYUj0PhNldmY5CdOm2TsSq0l8/C9pX47s1g0C1/k= + =GDjR + -----END PGP MESSAGE----- + fp: D65D400040387210377B6A71DFD775644EAAC77B + - created_at: "2022-11-18T15:58:05Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA+5f33GLJ89bARAAsYGQUWwGvppbaOtSnHwGqjpVzhk/bfzhEJ897PGuw4YY + jQJxb6FgnlArNHMMqiKDfUAiQa2SI2mBHoqLyi+/nFMyKzioEnbbfZVnwLOfX7Rg + TGLBxDPEEeCdITlMkxNhIXHz2EJBAAk2HdOLDF7/DZP7T89gLHXifCxRGiH/6hAi + 3VIULmwwrOclTjs9CncbXdFEb4i/WS7qP26MmzOCYPe1WlH/axpJaNv79hH8/3qt + LMuJIOvIdyT7GLHwx1Ma3Eq/Xypf+HNDVTGG8CzMOqj3PawkdnkGLKuO5N7P7PF0 + Q0A1hD8B1lGNUCd2JrxRPOoKql4kJLeF8nXR7ylyxM9ROLZV3sKxdYTap0A5qjO7 + Lx8V/hxrnL6EyE4CKc7ReHudSb5OoXdkDkuQe19H9vCTnIiZnzUSOrEUWTTZ9T7I + qVTUar+gxmZhWDTaDW109dgs5neGnSC9gItWAtU7uayipS0s1qn2Wx+A0skYz5Jz + e/oHuHfFuz1uBkTvfqeM4O/uaRH82kP8tlvuTjDKmKkf0BBy5pXtPg/qYTwDvBvr + GZ8o7RrOKxORfZX06K1XNzjIUEV6Kq7VY3+TK8PW/ZJyRpZscuFxdBYIepVE/dWq + P5k+/YcSMgmK3v+A88kbYBhIAiGXEp20uhDcoMdyReZEkpk1A/8+XHpYueUPzyXS + XgG3c19HFB5N81T2CP+1W6nEzINxz2dbJ/XKMfSNSbafMk8ZDRSKpMJ1pg7pFDZW + 7CQoAEmL1cbegBSkHpsoXmWnkQcdwf3MFscvnYpOxikPYeKCxU41lllstks5w/E= + =vZXQ + -----END PGP MESSAGE----- + fp: BE3FB94982C2DE95B1EDD388A96613A6B1DB15B5 + - created_at: "2022-11-18T15:58:05Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQGMA+cOSmNXMUmKAQv9HLbJTTJqePypcqnmni26+OTXhTE6XWOqGESV6Fbm0RND + Oc28IFoUuNWTe/3L4DLXDwQwNmf4hdJgyPdVtHPV5wns6H7htMLKxuB7I6GDqMrT + t1DIrnDnj/3LvopMcaixDZR8gB/QIN+msviG9jtfRHHGOxmlh6bfjcawebDFt6N2 + LpHC+1OF0OIpHxJbp0ij2sK84Q5WmtjYpsZfh3C/d6MHEe7LuVve1snuOFMzjQoh + 89vslUmltHpnR48NqjcK+zb3fB/MUh1T13EUMRo1OOSiMJsGa61pjbI6+VKfp5Sq + b2/nWbyZaPCGnGf8r+c8GbIq68pI4kdSq4Q0SaM/wvtfrZtaoSoIdh/z0FcWA4mK + sel9pPqDnad5n0nADFMW0Ol8jUJfv8jp+aOumcdzib4T24UyEZ/rH2Kp+gMsA0rH + WcHiObNub8H7/Dllu/J6WIObGpDuwmzEpyNXM5OD6OAMIwNYcqX8YyAOfMBuwKSU + PIbLKRkmOcOMi//7CgJf0l4B2g1N91xtxotNGkHkW2j3CJ5pHrjxRBrpzyLsiufD + GvGY0Wm/CKQXHlWQtG5O/KJ4vvxjPpne6QzRC6DSYwujqfNq6eK0d8cbM97SY9vO + HFAvELTRLj4cyFv9FlBw + =p1MF + -----END PGP MESSAGE----- + fp: 9F08DA9D42379AFE6610E9E615CCEC6801DBA02E + - created_at: "2022-11-18T15:58:05Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA1kDHheI9SLWAQ//ZyRk+1P5pov/Kb3oxU2hPKnms/Hy6AO7n6FrHNsZ+2qr + fgUP0CwIlag0gH++3j2pydQ08P3xk0cuqs6hdW2PCE0mOE80xOSqHqlE0JD8wb/L + JzDA9kQGYWNXR+FKAGUBNi0rRXYrSTcc5BuG0bX3yQaQOS8LefTPmiVCAY35GXf/ + ROEQaoJdgPFuq8O0x6PUpXEAu0+lOVTh1Bil95LWvSj5iSQJx1POIWaYysjOHz9o + /ScYZj10RCXwdNfm2SGDuWnSMenLHfRO94J+g3IhG+FqMl1iWP47oqGGYRn6b5wb + NHUKAt68oDb9FEM3pLYjN21gtP9GZf9vPmzqOLpMkI3lqELGL9vEv4nLBWZEc+Fq + viDjW4eU8v/669TthM7U4Ou5zQEfECTfVnnGeXQXERkDZJBG4L/NRMJrbc2+pEgv + qhEPw97e/kmx7rhEbmDqwD2osXmBy7UaQZJPxHwnIZ+zsHSunrnZWv73SGwXYNfO + 2bMzY8cCu8wVm/FIzhTdM1N8SxVnNuWz7ZZq7Bpjnwskek/CcnitcjGZ1cn/iEw5 + 6K2qGEYlQqwDLrv5mgom9YL8kRk7gy69+4Xdwo8Ei39SUyWRqtSvArruZ5Zn2V+I + 7Ls7RFBRqn68/wb0juUQ3hBv5brqTzVehEUdyu9qBov3BsnMTpegWQBJDa74JZvS + XgFZ5kqVi8wS0YmU6ZxAxuZHrZ3QBEAyHj+f5i82+Nv8O655NA86uR84GAmee2ln + 7rzxXyiQkx4pSPlxqfuCjVVU2ExkxG1XkQ9cTCMtxw2cRaZmH5TAIuPTpc1/7W0= + =7XY0 + -----END PGP MESSAGE----- + fp: 17B8FDF68AC123EB666934B17D0DF6EC048A5D77 + - created_at: "2022-11-18T15:58:05Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hF4DZmNQj/lmIGsSAQdAFPxiBBqTpsB/ClNmxMWtCH/JvLDCLHQbSVi7uDLtLFkw + Ra0hUIwDpKi2c0RrLdXSJOQf2jJgFFkMnasge3CmJ3iRjtH6vmRSsC09m3wIPEuG + 0l4BTFGtnZpYauBVRurgr6EMrvMDHCWGT/NcFoiiTMTEn6NGndui7LuaFIvMfGHJ + 5BJYJrburli/S9Nq3aFPMQqMUE/uwMODOJAlosjyb2JsxZwJF3LtBcHKEwdVrl6j + =RcD7 + -----END PGP MESSAGE----- + fp: 73C2C9954D1BC94DC6682525D2FA233B52AEC75C + unencrypted_suffix: _unencrypted + version: 3.7.1 diff --git a/secrets_cusqa.yaml b/secrets_cusqa.yaml index e69de29..6069bba 100644 --- a/secrets_cusqa.yaml +++ b/secrets_cusqa.yaml @@ -0,0 +1,130 @@ +minio_tenant_users: + - name: ENC[AES256_GCM,data:8cjNabY=,iv:GXqQrr9MyTHLtfL3HFAwmfxGvNiYermupmGkrN+qjxY=,tag:hLpXJAmC6eadsziqmiTIsg==,type:str] + password: ENC[AES256_GCM,data:gSAbknvB4+wqckWO9k+FSKO53Pdk+HqkZg==,iv:xpogHDGtdBndPjdWLnzjHK5j2bUGWsGt+/CdpamFWOU=,tag:sPWuR/adsevKz7A2YwN2Fg==,type:str] + - name: ENC[AES256_GCM,data:iY6BbGc=,iv:vd26EFy4GGQQs8E/LGaSX891M08fk2k8CuAAYIcl1ug=,tag:Evs1k4wlpVwBZq/ccAEDgA==,type:str] + password: ENC[AES256_GCM,data:AztgIiYSI0I2bV7uJOp6D8qYsc9bx72yzA==,iv:YlghcXB2JJ3duihB6QTW2DiEkjsYA8FW1Y4Gc7m1lS0=,tag:6BxddzLmd+w4wtToqRFwew==,type:str] +tenant: + secrets: + name: ENC[AES256_GCM,data:fl2ti9Kky7Hqvo/1,iv:zGP/FA6cRIRXJDR3r/2O+Htw8iYm7LuFDpTXxrjukec=,tag:MPX6e7kvlqfG2xJPoV2y+A==,type:str] + accessKey: ENC[AES256_GCM,data:rhXRA6U=,iv:wXP+K0/GFnZI0LjczQopl/y9IQVMNiEvJwTVVSvZjgk=,tag:4CXmy6EFFbxPY/YT+ZwKHw==,type:str] + secretKey: ENC[AES256_GCM,data:nnBxTkD7d4b0XyHekur3UbCBHaikXZC23A==,iv:42mQICO6DpIuuhvNZHLNcK0OqmWuG+OVAOOjN7vu8ig=,tag:z3pa5T6IBjCp5C2xwMt/lQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2022-11-18T15:57:14Z" + mac: ENC[AES256_GCM,data:+K06cJOoPRCZdqNwGVZ+SM4pGVp2/OCxHa1oMFEJzGWvKDf71VoHTgWKt+BW+vtAg/o2FZxpUXygmrMZYV/97iHwaX6L1+y7BGidKdyYjRwyZXD7UCFdkpc9nPSKwSkzbGZHcM+RiApSmBU4bjwPECuabfmz+vkNWh54cqKDHSM=,iv:1jalFghy+QdEbHy6bpiH9D7zLoxTsO8uXo2M0ONk1qo=,tag:1FCy8/4do7fJtS2M1oR4Qw==,type:str] + pgp: + - created_at: "2022-11-18T15:57:14Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA911WKxzIy2nAQ/9GYJcsPbhB3ScJys7M3GTYSSwHO0AJzRw9h1lGNaavM3W + tcWtxejxDXVCXh/hoduDRjHBeIBBTL5yhu8PPZruitkEuUMW9oZut6F9eSchDs5J + 5Y94lEAluqDRKaMFpWgcG3M550xAT02YaqfcFJgid2BMJsOmlQFS3F7N3ebpS/MW + Gmy+1SeP7s78YnAwpi6N/N9xPzYZ6Dq0IWcX6ZAXVYaNH7D2pFEGHC7r/etoCkZO + 8uGVOkkGeq1RbKYE/c23xi2d7c16m4UD+yGd2nMZkyxL3rKU/RKpGQlTvEfTvTJb + DaUW3wRMbC2vvb9ghnuHf5FykfdcUHkxGeMeRWGA+UQOoFbfQNpVsbWF5Dm7orjn + Zy02P3XxZ9c5KHYTKHh9ZaTTE9gyv9924lCYhZdWQRZB02CVwBtoUmwqgZX8abct + RegxPH9poPjANlWmAGO88HH587hlZ6R0SSoW66fCNWYNbeLIV1x34f1z1rXvbGyQ + 5+zRtfNkB7h2EJk4mLWy3IfACY+OIWtqMuU9qu6IAHx/445USMYQIsClg939jLQp + ulHOLlItv4yq1oV315Y/zAS2JwnxGfae7szcOOHqrf8hcZFXWgUkrwU1LabhKZ1g + 2qtmlqI50XZVA1Sm90N4pKtGPvUFGHjYthrGnaU731/f7+QjJwZBzlW6Zln4MJTS + XAF5S+mLWyD62pEmF/JEQ5tcBw0A2fz7En7ckDfpdTOPLd/QSCuOQQdifqAeWl4X + mgCGb2sGA3/8MTFPJFvIChTIt8jgziyRc6XQch7972jS67D1VqaMNqwgJ2Nr + =12fF + -----END PGP MESSAGE----- + fp: E5B4FE1E0209DFFE320D2A2E47087747D89B72EC + - created_at: "2022-11-18T15:57:14Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA4Npij8bx0m7AQ/+PAIWAkQTR9fUecP7czLc7R0dD0Q4eUb3f329Bwbjd8hj + tQBYtObyifLIFUfPtlLnt6IoAMp4FP1d3/6J/KZDSX4qik0QY3XROHHW9vwbnOQ1 + pWgLtSMqhXxna5Mq6b+sjKVv95uH709usUBL68O0EWse1lSLXzSoR3F0s9dn/8UH + +IR7aeaYdc6LuravtPDg71qeUXkjxAOaJR0kQzdJKVRPX5pvjCLLEwy3/jn1gs6o + pDFrU6jmmI3zAdnG1ygyoAnvLG7QOaVkPJmKLCKeDnF99N24yuBebUSy2/yiJBXx + dJ5D3jwAvKbG3Aei+rSTx02cvvbro4AR7+eevJN7uQJk3RwMObc9HXfxb9g0hsxR + AQkpmYK4YDHRcGQAOJ1BxVET8yh7lo01Zuq3y6yfB2Vht9HE7B69v8MkAeqIN0HD + 87kmt3MJPyg+6Doz9SJnlzaUh1d7X+udV2BUPNNlRRS6EOXlQ1s4iQJGYhu5zcxz + eFAl0tuBbLk5bAP87/GWLcfSxmRgYDhjGcH5FA5NE3m5r/7lecdwFJfm1RKn3xvc + r1zoxrR0v3Mlv4b2hG/j3GNiYj0HWO0qj516Ew908nTJgPxk/lPovoyqPhrvHHy6 + wxqCdTTb3h7mL6gBOT58ZFmjaJ+UD7CVqh3i5lmt6DP1BtZ2i4DNsBzJvhCPI0/S + XAHPJZxhz6S6vLtDIYtWAZA/Lf2Og51zea1OL7ED1sZWmSueoUe9H16PxWTtlUsL + 2eqDyYGeCsQNp9mLnjyNMRtlu0YxAS2tWB+8WKpQAudv+Wgfxenfgx0Gf+hS + =Y+Wo + -----END PGP MESSAGE----- + fp: D65D400040387210377B6A71DFD775644EAAC77B + - created_at: "2022-11-18T15:57:14Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA+5f33GLJ89bARAA7j77nJVqL1h6Cz1Tn/UNI/qicavUWzbJ8CwAHNF7fC9p + wcHjAKBX40YmTxleJm4ahCvlfUtkKPgE/Hif8pB3ClyGQE6rHtLcXX5mL7XIBK2t + USNZHRJ2pmd496Bku5OtnZCN9mveDTVd8hSN0epCSju8Zo16r/BkaRYCGY38WxTR + MzxBY5Jw60u2qR6c+FE6XnnXs6SwI459IiyplFkPOYwntFYr8Va8RZN/QAQV9X2e + hCcEZ9HpV0pcGRN14DI8z2Eey9XuNgClangZ2aUE/PSH1NsUQiVT6L/INjUrCZO5 + nObHkNdYclsLa355bpsk/k1QzHfLMqNCSSqynboTKofkZVVr3fhWMbMqj8kDBoaG + DHBbQKOWDADDf4MCG3k2nmBsuNbnT4kUt5UekvgEUxsvEdhdzaid+RsKYWBt1voZ + Ui09IxRySBDx67rOcsxrAT8lk1ZngXafs07ziVToQxQ7dH5n0B56R/q3SdvkSPQG + gzu2j7FXbKCOUMZ4WxNGnmH6pbHtHUOFidEO6aZSgZq5Yw2whUqiVsJ0fiHaeMzr + GM5oiHUqszOW/qbharE/nXHeKACOI76Jap6Xmz9kXMpX+N6g36KYKkQldyuNX08i + vPldlLJJLicMjZbHJCud7mur/rb+3ogr0vd52EBxW2PmHZ9qbmY4BghzBBJ6Ff3S + XAGLAmcxUj/oVd+3uUlWwBsuq5RxkLn5x2jGiQwhvuLbS7bbp3zN4Dt0APYI3NyC + bGPD9Joz6FwA36S7SYtPXyEZNvLkWp134c8CggPFkohLj+8pN1wgQupzaw9i + =aFMx + -----END PGP MESSAGE----- + fp: BE3FB94982C2DE95B1EDD388A96613A6B1DB15B5 + - created_at: "2022-11-18T15:57:14Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQGMA+cOSmNXMUmKAQv+MHittU++h4+bAixCtN6ZQNrbvxp3x+VMqVMaKwJDjSVo + UfxUUsReDYDI2akkyfKNYrIjViCuQbk8gKauUx4awiih4MMXfFlM6N5APiXFAzTa + KFb3KAC6EXuv9zxUeoU10iag6qh8xUpwOWd2jj1hvkXUxWuDHGmVhVHVuJK5+s/Q + kwqtg/aAxsOHXz786imTADEzR0uhCk8b2cR2VxuE9JxD7s+9eZjHEgp1kgxLiryk + 1MfiOcvDzcQBgqnIqCPxOydWkY1SthrzqKlxBU/hk2f/JqnOjWapaKvFgcreeG3f + ipsHvl88wYlQinyc6/64+tEaN2E4W1UcN09dqZz3etvEjhdt6mF0v+aCfU+o3QTa + yNh2AGTQYdP1qR5AhtKy3IXNzL53xvC0hM2BTcfFU2Gc/6wqnR0D3w4Fwo9cOwBl + 3OOe3sieP1FR7yejCvSNpIZeMaHGhMo1bNA+8Dcskh+rrEq4QmcowSPgftEDUyxY + rIhPCfSbvIk0NEEUJ5t00lwB7omL1iW6EW/o97U44i4yuerjc+othbk605m64fGV + i7CCnk0civuz9H2eZ0k/Hzb9Mtapo62oTSEsJESs8HwTc1tm1q3PTZeO+NwiO33u + wBRYgz3oR5VckrR8UA== + =Osmv + -----END PGP MESSAGE----- + fp: 9F08DA9D42379AFE6610E9E615CCEC6801DBA02E + - created_at: "2022-11-18T15:57:14Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA1kDHheI9SLWAQ/+LCHYTSILWiDtLmVfOhYBeP3N77IqmLHu6vmttZmWdDUZ + IihwcSI5PNqMPtD0HphfLQJ2cXDPgJ35g9yhfuGAXN9CtOrWizRJ3t24naF0Of1W + yQKg7splr3W854tUff+KmlGZi3obcD6fTb/QxhZCvZ4a4IntAe+gfSgM7S58sokE + xoSzW7FjyE1nPzmtPrCx0JEOCnTLAw8MX93Vi1veW8qtA7mGQX2hcTLEy1IU3/8s + b2Lm2gfU4atrDrDFkQkO+NM36VqUGSdjN85RHiBSduIm6pE9T6I9+72wzI/Lndlo + XHa48cjd/bCcL3da5+CWHD9Kcya2V+2DmgK1RvsAudjOFS5XJ5jwkdkf/v7x0FLd + VS+2g8/GUUClJdCfh9GDX/f8fB4DOBQeY16cI7UGhPhejpKc0VzLFfqfX1REg/4m + LYrHnyoTddFsaYmvhixDr6OniLunNokUBZY3rDsWV8kO9OXL1MdEgU/NuewBtUCH + +jZmURPkzoYNl1LEmKS9iwqAAWgiRkXNKo6aLsBqvF7azHmeLykf0r+cY0Y+wqK6 + cASJZ53w2mURQiGGno5oEOt8+e2pHfUJb3G6TYl+YFVblDvdB7iD2s75ayly5wAR + Ti6TrtBWD6IbI9bxT8TzPkNspgSJvZcSANYPQ1FGg3Uy3PWlpsmmw8qIEpNfEenS + XAHG3ISUI9ZHENFJ1Yc0sKzxHAUKhRNbYVHqLclCaaL50Vx8oZDvNRV5bQn8Qx+2 + sFYdAWN+Sum6pDiQ4nW0niMExKaFHvWSloj2glSqromTi6ULDVKH5ANq1fg9 + =u6zi + -----END PGP MESSAGE----- + fp: 17B8FDF68AC123EB666934B17D0DF6EC048A5D77 + - created_at: "2022-11-18T15:57:14Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hF4DZmNQj/lmIGsSAQdAlfThXJ6Oq3Gcqwq7Gw+vGejpQwU3ZJ62lWHktBSyT2cw + jYmORsnXzG8w8d+VOV1JVZdkRp+cv+F3+6z3uTePrpwP8+6MjEr32O5Dgt81kHb0 + 0lwBJIWrfGiZ20rnolct066aJEdtEOsAeCNQQhM5eoPOetobuzp9aGCthhySV4yg + 9oUochZBrQ/SBIlmulumJBGEtF1NR5/ucy6VEoY2UuJcR1CTDrUk/19MWud9kg== + =7y3l + -----END PGP MESSAGE----- + fp: 73C2C9954D1BC94DC6682525D2FA233B52AEC75C + unencrypted_suffix: _unencrypted + version: 3.7.1 diff --git a/secrets_nsodev.yaml b/secrets_nsodev.yaml index c3c5ce3..5298477 100644 --- a/secrets_nsodev.yaml +++ b/secrets_nsodev.yaml @@ -3,11 +3,6 @@ minio_tenant_users: password: ENC[AES256_GCM,data:rcLYIqc+iQ1hXdya27+WYZ9f8Dor0HGeQw==,iv:8jlOC3yphgs+tNH18gTQFinjaLRPI38rKkdDa/S12hE=,tag:58P+soF2DkQyYA5Ysnx6rA==,type:str] - name: ENC[AES256_GCM,data:0gvhV+c=,iv:aHv/GEH0MqDKSFBdWHLwals4YGSc/LEeS0AptvIqbXE=,tag:uoex6gxSAJ5xYJHBoHjlJg==,type:str] password: ENC[AES256_GCM,data:YupFLbGXghBHHMvQ+2a06y/ZsaZT2rpJ9w==,iv:/7XVh0nMb+z4CPuO1y3eIUdWiWeR2lmb/VSPjgfBGSM=,tag:XX33bBCbQC9+WXssCsCGsg==,type:str] -minio_tenant_secret_envvars: - - ENC[AES256_GCM,data:A3O9a3ZvF3wWDHa/HP42m+twTz4ri3MrgywX,iv:XMgdFXoDjfRL28x/J79nc2EDR3gvipgjU8TpCG6SCJg=,tag:3tMVIoBOpJZji6k0SNJVzw==,type:str] - - ENC[AES256_GCM,data:xrk0BlWPjsa70nOkwdqeZYfRHXcs8mcMJ2c8vWPLjxfUS1+fYz/117wH4fiSV+F+iqRfNA==,iv:MBuaoTKn2v6oLFbXKUJbNOZARhQLwFbkgv5T8Qni2f4=,tag:BigVzhyoAdouBNM45QUN/w==,type:str] - - ENC[AES256_GCM,data:8zg6MiJX2p8Zgny5DcrV9GW6TNqi7npe4i6FPmE7Gw3kpyku3Dk=,iv:eFEtHC1FmO3NpKhpYBIkJbZxDd7DCTzP7LTfbFKTMDA=,tag:h04xJylQ1osiehnXZCFGpg==,type:str] - - ENC[AES256_GCM,data:wfchc09HhQdpY7k7AHQ50cgd2xYY0WX8m62SPVGUVY80bB2UD9vGhuavHLRfZ4v+iRHqyGw2Ww==,iv:0PNSUO5jyDvtLd8yANaw/Of1seEBPamjNv6Jz1qi6tg=,tag:n4eu4lqmPiUvuQeTgLYG1w==,type:str] tenant: secrets: name: ENC[AES256_GCM,data:+BFkk1ytZzuwkbkS,iv:J+b3XC4FXEPo8R029+/246PNA90cQ7cW+1tGpSGMcUI=,tag:zB9Je28PaNsTaEHXbT726w==,type:str] @@ -19,8 +14,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2022-11-18T15:19:01Z" - mac: ENC[AES256_GCM,data:WX5KQEu8YYjUQlajp+ojd8Z5AKULDABFdp8CocYBQp6FJMBD/Rs8noscgq0C6ti+xDOqO37nlPzhJ2tEUqHGtrmzR5wzZk/5xMmsCjEuHCCLZ1E8ep0QLc0WxrgFGcfXnB02LafyKcmc71M8eybAX/luuunXg2vGSXWXlGv++xI=,iv:RCIadDf56PZ8Oed1fqlIxItWiQKc5r4ecTTmt+1t3vc=,tag:N273QwcDTymIEorDK+mLmQ==,type:str] + lastmodified: "2022-11-18T15:56:07Z" + mac: ENC[AES256_GCM,data:4oZcAUx+Sp0qxpAIEwXEMdBpAwq6MYp5rJ3AcpkOyspdSRm15F8sWtZHV/GWROJyKHNFKwES1oKG2K6gAzltPNST5L1/PHpXrRzGYVIRukPWBJQ4j2kvVKd7CG5deP0ID8pDJr5LBy74ViXeHfUDVJf9hUOqVyEf6LakqmOo+l4=,iv:+ctPAfGbcUX1Lyd/vMtdpYEL2Hk6RfdAe+3GpKFyo3o=,tag:T5OFS2dWvWvrtqsfmoqDjA==,type:str] pgp: - created_at: "2022-11-16T20:12:49Z" enc: | diff --git a/values_cusprod.yaml b/values_cusprod.yaml index e69de29..19defce 100644 --- a/values_cusprod.yaml +++ b/values_cusprod.yaml @@ -0,0 +1,58 @@ +# minio tenant +tenant: + tenant: + name: s3-prodwork01 + configuration: + name: minio-config + pools: + - servers: 2 + volumesPerServer: 2 + storageClassName: hcloud-volumes + size: 10Gi + buckets: + - name: mysql + region: '' + - name: postgres + region: '' + users: + - name: user1 + - name: user2 + log: + db: + volumeClaimTemplate: + spec: + storageClassName: hcloud-volumes + resources: + requests: + storage: 10Gi + prometheus: + diskCapacityGB: 10 + storageClassName: hcloud-volumes + ingress: + api: + enabled: true + ingressClassName: nginx + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + cert-manager.io/issue-temporary-certificate: 'true' + nginx.ingress.kubernetes.io/backend-protocol: HTTPS + nginx.ingress.kubernetes.io/force-ssl-redirect: 'true' + nginx.ingress.kubernetes.io/proxy-body-size: 32m + host: s3storage-prodwork01.smardigo.digital + tls: + - secretName: s3-miniotest-cert + hosts: + - s3-prodwork01.smardigo.digital + console: + enabled: true + ingressClassName: nginx + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + cert-manager.io/issue-temporary-certificate: 'true' + nginx.ingress.kubernetes.io/backend-protocol: HTTPS + nginx.ingress.kubernetes.io/force-ssl-redirect: 'true' + host: s3-console-prodwork01.smardigo.digital + tls: + - secretName: s3-console-cert + hosts: + - s3-console-prodwork01.smardigo.digital diff --git a/values_cusqa.yaml b/values_cusqa.yaml index e69de29..19defce 100644 --- a/values_cusqa.yaml +++ b/values_cusqa.yaml @@ -0,0 +1,58 @@ +# minio tenant +tenant: + tenant: + name: s3-prodwork01 + configuration: + name: minio-config + pools: + - servers: 2 + volumesPerServer: 2 + storageClassName: hcloud-volumes + size: 10Gi + buckets: + - name: mysql + region: '' + - name: postgres + region: '' + users: + - name: user1 + - name: user2 + log: + db: + volumeClaimTemplate: + spec: + storageClassName: hcloud-volumes + resources: + requests: + storage: 10Gi + prometheus: + diskCapacityGB: 10 + storageClassName: hcloud-volumes + ingress: + api: + enabled: true + ingressClassName: nginx + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + cert-manager.io/issue-temporary-certificate: 'true' + nginx.ingress.kubernetes.io/backend-protocol: HTTPS + nginx.ingress.kubernetes.io/force-ssl-redirect: 'true' + nginx.ingress.kubernetes.io/proxy-body-size: 32m + host: s3storage-prodwork01.smardigo.digital + tls: + - secretName: s3-miniotest-cert + hosts: + - s3-prodwork01.smardigo.digital + console: + enabled: true + ingressClassName: nginx + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + cert-manager.io/issue-temporary-certificate: 'true' + nginx.ingress.kubernetes.io/backend-protocol: HTTPS + nginx.ingress.kubernetes.io/force-ssl-redirect: 'true' + host: s3-console-prodwork01.smardigo.digital + tls: + - secretName: s3-console-cert + hosts: + - s3-console-prodwork01.smardigo.digital diff --git a/values_nsodev.yaml b/values_nsodev.yaml index 7d84834..19defce 100644 --- a/values_nsodev.yaml +++ b/values_nsodev.yaml @@ -1,5 +1,3 @@ - - # minio tenant tenant: tenant: @@ -11,8 +9,6 @@ tenant: volumesPerServer: 2 storageClassName: hcloud-volumes size: 10Gi - securityContext: - allowPrivilegeEscalation: false buckets: - name: mysql region: '' @@ -29,8 +25,6 @@ tenant: resources: requests: storage: 10Gi - securityContext: - allowPrivilegeEscalation: false prometheus: diskCapacityGB: 10 storageClassName: hcloud-volumes