From bc276ff7c4144e93ace7c48a95cf6fd2a850c5d2 Mon Sep 17 00:00:00 2001 From: James Pace Date: Sat, 15 Apr 2023 10:11:03 -0400 Subject: [PATCH] Add secrets for simple-ros-run. --- .../j7s-cluster/secrets/container-cosign.pub | 4 ++++ clusters/j7s-cluster/secrets/kustomization.yaml | 2 ++ .../sealed-container-signing-secret.yaml | 17 +++++++++++++++++ .../secrets/sealed-harbor-login.yaml | 16 ++++++++++++++++ 4 files changed, 39 insertions(+) create mode 100644 clusters/j7s-cluster/secrets/container-cosign.pub create mode 100644 clusters/j7s-cluster/secrets/sealed-container-signing-secret.yaml create mode 100644 clusters/j7s-cluster/secrets/sealed-harbor-login.yaml diff --git a/clusters/j7s-cluster/secrets/container-cosign.pub b/clusters/j7s-cluster/secrets/container-cosign.pub new file mode 100644 index 0000000..25240d2 --- /dev/null +++ b/clusters/j7s-cluster/secrets/container-cosign.pub @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE8YhtjWEWky7GKwgarbuVTRqG2gXr +4lFe4ezy5aPG7IBnnGTJIB6FLkD/51vYx8891Rc5lSb7U5ImJihqibGEOw== +-----END PUBLIC KEY----- diff --git a/clusters/j7s-cluster/secrets/kustomization.yaml b/clusters/j7s-cluster/secrets/kustomization.yaml index aee3a02..6330be6 100644 --- a/clusters/j7s-cluster/secrets/kustomization.yaml +++ b/clusters/j7s-cluster/secrets/kustomization.yaml @@ -3,3 +3,5 @@ kind: Kustomization resources: - sealed-git-credentials.yaml - sealed-gitea-token.yaml +- sealed-harbor-login.yaml +- sealed-container-signing-secret.yaml diff --git a/clusters/j7s-cluster/secrets/sealed-container-signing-secret.yaml b/clusters/j7s-cluster/secrets/sealed-container-signing-secret.yaml new file mode 100644 index 0000000..d87fb39 --- /dev/null +++ b/clusters/j7s-cluster/secrets/sealed-container-signing-secret.yaml @@ -0,0 +1,17 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: container-signing-secret + namespace: j7s-ci +spec: + encryptedData: + cosign.key: AgAr9cTM9qjhm9iieY5rwqFy1tvf8tJK1hYEWEhcVSqj+LZzJy73ttmT6t7J169uFKIQK8uK8+LBuDHdCN+qvRTNOmtCg//B/Maxdl+DFhvwzeZ5HvfJwOwOr1FOPbprNK2Nt1tDdzy+L0dFBgd/BR5qE9Nc1pGq2YDBnQjY2tJqnsmhPm1aDreUzXnWE91t/8rjWhOnIDpDIoa6ie+ex4APcvmPwnjFEES42OUMUL121V+huJF/qGrHsAl7l5jZb6mg91tR+5jA4qNON+PiPkrOVOASNrVId6TkohVoOQMfyhMYZu0dKNTzSbClCpEzg9ZGSRzfxpmNArV3mcmqKAMn7etYaiG/1/sI/e/Xl0i6wWsW+Yge3b5FZ/ikGoGg5Roj9jQVnRm4Kg3m6Rqr0nw9nKR2h2h9TaK9XDgKI50IjelQIzT2Bveee0/lCbqtIamhprWz1ukedvbpjziuqJJWw3b3nsVbdVD0rt519jYUSbrC7S1OANkNSPu4mNDm02jUNHZOjU3FXz2bp61Ls+mql8ugBAOtv1uzVdziyV87hZnL5JtjVAGSPKda7Mauzaq5ded8ThIc4IhfH0i0LEAyqCENr2AZIqbfSWg8nGV7Nr8eWGXDrrERoIR907iLaPLW8TKS0kr6gAT+F1pwXqC6LpcBu4iEIVtkRoqPxpUyI8QhSUzG+NaLvT+q3q/aruedrBaVUndEC1xaakc7nj1kX72hzLJYCpaWI5uZOSj6jXJxdFPbIZsnxiNxEe0D/A+QOqhrmcu32Ol6DZKgQBEylmq0qnwykpzbMpmM//bkX1gvh0OYKaSf3fg8j3fxOVw9rwL8vpnGIRXxvAW0oe0wcwq9pMJ8TO9JvXYP22Z1yJRemutjardj3plK4f6fOFPpcA5vZ4NDGlq7fhCCCvVt2sGDS3lBe4xJPL+2BLKGZuWsfmzfu6LPjejNqdgc3PSckFAxCMduO8ARR8O2oyz7ylRzu+AvzC7xBMsxo2Or6dKUeWU/Gs1o9nU20AmN1NP8ZA58bVu7vMeYacQYLP1DuIeUJo9fz8+g+TEf2tj90Q1BQv6BH7cFF2jw7U+u1d3r7NFEDJw5moKlIlTHYxZ7A0ixgH3efMcMMUgovchSrp48ryLsP37B94H4vN9066sq/Yr9f9raSY+zZfFUG0IgyBx1e6jfkA/lc/i+SmnBa1aGUXSpDakPXmBi0rZ0nO57GooE+44Eu7lmVUTnpAD4NFv7Io2L5fPbGIj/c5/A56ZRWAMK94W+3oypCg0Wkbtrr60nQHYqhXm5y12xUtHmTNappGR32vlHIE3vn3TtffQuSwn9tzi7/US5KJSZ/LuCvK5FbUNutapytiBi7WzDqijGKB3znEUmLLpYnFl+wvBJAZbHriWzOm5ewzcS7Y8OaeKZXrJxWdfDoUbioqPcI3WzouT4uZ8tor6N4Z1Ijd5Xok/C/ejm09RRV4QK92qUyGPoQC6+K+yOnGITZCSsVZEL7BnEDNI89PhcFiZsi8tcDmqM4lrX21grO+S531cNMdeeRxKIY3TFkMBo2RSLataO9NLoBg6K + cosign.password: AgAsbalGibUVoyOj3JKAy2tqxsXriYcrRYH4xCynFBzkr2cX0Cln3BuVQksN4pfIRMl/aA898PUSVqWZA11WycJ+NFvjadOZuMFZT1KLSuS/42s4bMh/ksJgqqmnOKUai3N9Pll0EntAovuQtLvN8QjWY8hlSCdoiKvvz0PE45MPLdzN/z02ziEfzKtnyhXl4ti1LqwaenPwgB/krqdpSaNxy97sI76CLwyf58DNjNbh59eCp8GG5FUlE9+58gFLCUhHhF6Bqa3BEuihYGW02gYMi/38KiJg7+sjjmNJtxXsv4KHOcnPW02L0QhVWFL56bBt9p3cW7pLsUx9uEyKw5TmF0mwqapxT3y75Y1y64vQ3rdMbKzX4EqyizXcEZ27mQx4fnGLpLrS8k37QPYQTl3LVf/EMhIqU+fNdOoNDbLbbdA0IDtIOq2l7lFKyQ2XH+lIE/gQj2nBGXE5l0zVlQWQNf6+LAegwYPD4ZU7qEUBZNZmnS/irSRtKkXOlV7hH7bG8SQ9leJoEq1gAfvrCnwxLuVYqOPqyPWavDjSL5vhVwkmCH+9gVh4loVaYK+lAqSA+zCSN/oISLNf9BTwL2uJ76oSL5PVK79/cD1lgH6/x2d1VcjUZle4ty00Y3QLImv1PeUF785Scq5KMsfjAgBlaSN60Vyld4gHxp4ayhfTF5siRDW+KhVPGZU1SpOS7Fxla2TJ + template: + metadata: + creationTimestamp: null + name: container-signing-secret + namespace: j7s-ci + type: Opaque + diff --git a/clusters/j7s-cluster/secrets/sealed-harbor-login.yaml b/clusters/j7s-cluster/secrets/sealed-harbor-login.yaml new file mode 100644 index 0000000..b1d50f4 --- /dev/null +++ b/clusters/j7s-cluster/secrets/sealed-harbor-login.yaml @@ -0,0 +1,16 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: harbor-login + namespace: j7s-ci +spec: + encryptedData: + password: AgCkRekCuPA2UKZgEnf3+SOOVEgd3E9IQM1mNQ0TjBtPsJtOohfj3hZMKD9w1eAffzdmxj56N5dGZMPDYtkLO9S/d8QifVJTTmf4bb1aa1p002qyMcY+7SUkPMpsWJGS7o/Ph5zMmzzSvBo2tvJGWAMiLOm9VrXpCtnGGyt1OuoXuYi5lNiTykTU60gAspwseRfXt1ZO2n6mIRczBJcv7e7KYxq5++j1sTuqQa7uJCGvSaut0zzVkrH95Z3sko+g0M0iiQq7dnuIhsUh+frFuwyKcWpEribBILugKJO2yZaIhYUFsJgaG7t2JWawMgKTC9EoTy4gZPAlng4VPZ7+DlBpToi2IFM9oR5BVHK1za7AAdFMTPe164eu9hjO8vEymrVJiBHDT+/OgWkKlArGdiqD6DjgJh+dXI/mMwjjoywCC/Uw70uvwvvptxqX5KZjGdjLpciRGlSZ+lU360YFN/zT86nI3wb0ryB0VRL3eS1+BmjDL65/f/zWwJl3M++3Ce6sjLMvxg1rJ5YNbgYKn9gBJRTvZyD9JlH/H+JLHTuxyUmHAi4Ny5Of6hVA/62KBeEKEtmeNfAeaSsvi5CT9Zc2FjjhOhOwB4ts+xrS860OKEp+RNOnQY03nykCUNXUCnzD/APJbh0zWl8LFc4UnTLoVVj1josx9m+NCujOeuGBZplGGJXYzpdmYqNnFJ33oBon2ClVQTuSPyTtw85Zk/uiRReT/33A+xbU9kRg45TQ7g== + username: AgAbnvhV19lwnnGYmk+XveQXI9Pku28vfpQ7wnhIKxZQt0U/68leJlvMYbSYlhawXXIBvj7ImxhoO0yRinJi2LBCy7iFk9j9A35onyDDMJXfZjhD61xYo61AtfxHDTvqfE9LKPMwUrPRBKuq5W8QH/5fmprwzF0HrYKPzXB7/G9KEhD1VbECBamVisYKi8Usg9l0VCm9UD9CfzTblGfQx8ciGJ9Wg51oP0VTag91XY4SVxP5PnOwEl0gxtuTrM4Xiz0okYIuPcB/2vYH5k81S6oY3ILQ1u1v0B8lbDNDNB8tYwmnsjv5HbU+nIGcFfRUMgxhIDTGlPl7a80vnGHh11F5JYx8u7DjK1JZ2RRe997qyxVoACfQKWYhCWFd6YJ2PzTIgGlMe1RxJZungTEmqj/wzj7HBt2hJh/kZ4JWTDL+SQUjV+nij1T/rWfB03QyQ8XLkFfshQQgwf00pRw/2BAGpcCaYg9vgTOkd18ug8uLolJlVToLPS5Ukpwb6yLc2HcUzp38RYHpLp+uYWHNZ5H/1rgCxa4YphuiLSMaWHdEcV4nHrorwFOeQ2wkwKWtsChDOTPfxdkSnTXutoHOb1RLMj+iHbNjKM/xjQS9AnJdzrhlRKf2lweP2oamOqp/qUpPrrZrj6XH8QUvFB+JO1xpTy3dXsKSk+udFtNZeWOa2q/diEbJ3zxEuaxxt2BkWKMQzUU2GXr6Lk1v+JQ= + template: + metadata: + creationTimestamp: null + name: harbor-login + namespace: j7s-ci +