diff --git a/.gitignore b/.gitignore
index 62c893550adb53d3a8fc29a1584ff831cb829062..01148036bb3a3f3fe10bf013f4f9cd6251c995c1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
-.idea/
\ No newline at end of file
+.idea/
+certs/
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 3b581ea9c5bf4176aa53fd74a058be4c54864154..e10de77cb154daa8850dcde0b46f7fc74659078f 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -34,6 +34,7 @@ package tests:
# Install Big Bang
- helm upgrade -i bigbang chart -n bigbang --create-namespace --set registryCredentials.username='robot$bigbang' --set registryCredentials.password=${REGISTRY1_PASSWORD}
+ - kubectl apply -f examples/complete/envs/dev/source-secrets.yaml
# Wait for healthy
- sleep 5
@@ -45,8 +46,9 @@ package tests:
- kubectl wait --for=condition=Ready --timeout 300s helmrelease -n bigbang ek
- kubectl wait --for=condition=Ready --timeout 300s helmrelease -n bigbang fluent-bit
- kubectl wait --for=condition=Ready --timeout 300s helmrelease -n bigbang twistlock
- - kubectl wait --for=condition=Ready --timeout 900s helmrelease -n bigbang cluster-auditor
-
+ - kubectl wait --for=condition=Ready --timeout 300s helmrelease -n bigbang cluster-auditor
+ - kubectl wait --for=condition=Ready --timeout 30s kustomizations.kustomize.toolkit.fluxcd.io -n bigbang secrets
+
# Show all deployed resources
- kubectl get all -A
@@ -68,6 +70,8 @@ package tests:
script:
# Place kubernetes package test here
- echo "Package tests go here"
+ - curl -v https://kiali.bigbang.dev
+ - curl -v https://kibana.bigbang.dev
- kubectl get helmrelease -A
after_script:
diff --git a/README.md b/README.md
index 35c81cea0615c3deb459b428e1367ef963380cbc..d36ad20286391113de35b520bafc2c75d1b524e4 100644
--- a/README.md
+++ b/README.md
@@ -19,3 +19,8 @@ kubectl apply -f examples/simple
While simple to use, Big Bang also allows full flexibility in configuring individual packages, using encrypted secrets, and deploying to multiple environments with the same configuration base.
See the [readme](./examples/complete/README.md) for more information.
+
+
+### Developers
+
+Developers can use the [Developer Setup](./examples/development/README.md) to faciliate a local setup for developing improvements to Big Bang.
\ No newline at end of file
diff --git a/chart/templates/clusterauditor/clusterauditor-helmrelease.yaml b/chart/templates/clusterauditor/clusterauditor-helmrelease.yaml
index 5141182f5558e116ab402250287e13484d959400..922bc793eef9db06302008ea97fd5ff4b2c641ef 100644
--- a/chart/templates/clusterauditor/clusterauditor-helmrelease.yaml
+++ b/chart/templates/clusterauditor/clusterauditor-helmrelease.yaml
@@ -5,7 +5,7 @@ metadata:
name: cluster-auditor
namespace: {{ .Release.Namespace }}
spec:
- targetNamespace: cluster-auditor
+ targetNamespace: logging
chart:
spec:
chart: charts/application
@@ -40,7 +40,7 @@ spec:
kind: Secret
valuesKey: "clusterauditor.yaml"
dependsOn:
- - name: eck-operator
+ - name: ek
namespace: {{ .Release.Namespace }}
- name: cluster-auditor-policies
namespace: {{ .Release.Namespace}}
diff --git a/chart/templates/logging/ek-helmrelease.yaml b/chart/templates/logging/ek-helmrelease.yaml
index 68e45b054b39798936b82324c35193326b63fb14..838440dd242d4abb6d5e8c5eea527d96a5c7052f 100644
--- a/chart/templates/logging/ek-helmrelease.yaml
+++ b/chart/templates/logging/ek-helmrelease.yaml
@@ -1,4 +1,4 @@
-{{- if .Values.logging.enabled }}
+{{- if or .Values.logging.enabled .Values.clusterAuditor.enabled }}
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
@@ -40,6 +40,22 @@ spec:
values:
hostname: {{ .Values.hostname }}
+ kibana:
+ version: 7.9.2
+
+ {{- if and (ne .Values.registryCredentials.username "") (ne .Values.registryCredentials.password "") }}
+ imagePullSecrets:
+ - name: private-registry
+ {{- end }}
+
+ elasticsearch:
+ version: 7.9.2
+
+ {{- if and (ne .Values.registryCredentials.username "") (ne .Values.registryCredentials.password "") }}
+ imagePullSecrets:
+ - name: private-registry
+ {{- end }}
+
{{/* ECK and Logging _always_ depend on .Values.logging being enabled, so can assume they exist here */}}
dependsOn:
- name: eck-operator
diff --git a/chart/templates/logging/fluentbit-helmrelease.yaml b/chart/templates/logging/fluentbit-helmrelease.yaml
index ccad5489f1f21ece484a6835654bbf413217f8ce..1b52bc5fe5d5f463db4c5e25f75c21e4799cd45f 100644
--- a/chart/templates/logging/fluentbit-helmrelease.yaml
+++ b/chart/templates/logging/fluentbit-helmrelease.yaml
@@ -38,6 +38,11 @@ spec:
password:
secret: "logging-ek-es-elastic-user"
+ {{- if and (ne .Values.registryCredentials.username "") (ne .Values.registryCredentials.password "") }}
+ imagePullSecrets:
+ - name: private-registry
+ {{- end }}
+
{{/* ECK and Logging _always_ depend on .Values.logging being enabled, so can assume they exist here */}}
dependsOn:
- name: ek
diff --git a/examples/complete/README.md b/examples/complete/README.md
index 425b881d40f66c7b59cec7eef78b5b1768cdeecc..3cd982e354edfbeffa53aa9e6909a74201851215 100644
--- a/examples/complete/README.md
+++ b/examples/complete/README.md
@@ -24,10 +24,68 @@ We cannot stress enough, __do not use this key to encrypt real secret data__. I
# Import the gpg key
gpg --import bigbang-dev.asc
-# Decrypt the Big Bang Secret
-sops -d envs/dev/secrets/secrets.yaml
+# Decrypt the Big Bang Development Wildcard Cert
+sops -d envs/dev/secrets/ingress-cert.yaml
-# Encrypt the Big Bang Secret
-sops -e envs/dev/secrets/secrets.yaml
+# Encrypt the Big Bang Development Wildcard Cert
+sops -e envs/dev/secrets/ingress-cert.yaml
+```
+
+## Development Workflow
+
+This example is also intended to serve as a development environment for developing against the umbrella chart.
+
+To set up your local development environment, follow the steps below:
+
+```bash
+# Create a local k3d cluster with the appropriate port forwards
+k3d cluster create --k3s-server-arg "--disable=traefik" --k3s-server-arg "--disable=metrics-server" -p 80:80@loadbalancer -p 443:443@loadbalancer
+
+# Deploy the latest fluxv2 with iron bank images
+kubectl apply -f https://repo1.dsop.io/platform-one/big-bang/apps/sandbox/fluxv2/-/raw/master/flux-system.yaml
+
+# Apply a local version of the umbrella chart
+# NOTE: This is the alternative to deploying a HelmRelease and having flux manage it, we use a local copy to avoid having to commit every change
+# NOTE: Use yq to parse the kustomize values patch and pipe it to the helm values
+yq r examples/complete/envs/dev/patch-bigbang.yaml 'spec.values' | helm upgrade -i bigbang chart -n bigbang --create-namespace -f -
+
+# Apply the necessary dev secrets
+# NOTE: You should do this immediately after the previous helm command in case there are any secrets that the helm charts require to boot
+# NOTE: Flux will take care of the reconcilitation and retry loops for us, it is normal to see resources fail to deploy a few times on boot
+kubectl apply -f examples/complete/envs/dev/source-secrets.yaml
+
+# After making changes to the umbrella chart or values, you can update the chart idempotently
+yq r examples/complete/envs/dev/patch-bigbang.yaml 'spec.values' | helm upgrade -i bigbang chart -n bigbang --create-namespace -f -
+# A convenience development script is provided to force fluxv2 to reconcile all helmreleases within the cluster
+hack/sync.sh
```
+
+## DNS Entries
+
+The owner of bigbang.dev has set the virtual service dns records:
+
+```bash
+$ dig kiali.bigbang.dev
+
+; <<>> DiG 9.10.6 <<>> kiali.bigbang.dev
+;; global options: +cmd
+;; Got answer:
+;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60209
+;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
+
+;; OPT PSEUDOSECTION:
+; EDNS: version: 0, flags:; udp: 512
+;; QUESTION SECTION:
+;kiali.bigbang.dev. IN A
+
+;; ANSWER SECTION:
+kiali.bigbang.dev. 3600 IN A 127.0.0.1
+
+;; Query time: 225 msec
+;; SERVER: 10.0.0.1#53(10.0.0.1)
+;; WHEN: Tue Nov 10 11:19:08 EST 2020
+;; MSG SIZE rcvd: 62
+```
+
+so that if the cluster is deployed locally with port forwarding, a browser can be used to test the functionality of the virtual services:
diff --git a/examples/complete/envs/dev/patch-bigbang.yaml b/examples/complete/envs/dev/patch-bigbang.yaml
index c526d6f6cda060d75722885be52c4f9c036b6f5c..f871a6233284866890034840f75c8f07c362d18f 100644
--- a/examples/complete/envs/dev/patch-bigbang.yaml
+++ b/examples/complete/envs/dev/patch-bigbang.yaml
@@ -22,11 +22,35 @@ spec:
count: 1
persistence:
size: 5Gi
+ resources:
+ limits:
+ cpu: 1
+ memory: 1Gi
data:
count: 1
persistence:
size: 5Gi
+ resources:
+ limits:
+ cpu: 1
+ memory: 1Gi
+
+ istio:
+ # Directly modify chart values for dev workloads
+ values:
+ kiali:
+ dashboard:
+ auth:
+ strategy: "anonymous" # Turn off authentication for kiali dashboard
+
+ gatekeeper:
+ # Directly modify chart values for dev workloads
+ values:
+ replicas: 1
- # Disable packages from deploying (for example while you're testing)
twistlock:
- enabled: false
\ No newline at end of file
+ # Directly modify chart values for dev workloads
+ values:
+ console:
+ persistence:
+ size: 5Gi
diff --git a/examples/complete/envs/dev/secrets/ingress-cert.yaml b/examples/complete/envs/dev/secrets/ingress-cert.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..191b7fcfd34be0a4aa94fd81f4ee6c82d4d1d43b
--- /dev/null
+++ b/examples/complete/envs/dev/secrets/ingress-cert.yaml
@@ -0,0 +1,39 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: wildcard-cert
+ namespace: istio-system
+type: kubernetes.io/tls
+data:
+ tls.crt: ENC[AES256_GCM,data:gZz23wzfNn/LNuPERCTa0gkiIfDmYQaP21wskAjUSAxXqk8X9+6uHWv8h8o7t6zL2QOTup5djgcDxt3utEI96lMC3P8Y9rTdp0Itd7VvPk1cCCS7PLCW4z+fDoVbxqTh2hBB+hZM9X9FgXyamV0PCM0PFvBog55NI3tMA1jdxSp2rivIGoS+7n6vNYqrYi8gNNJhhouZ+O9ZupLiDnwfTrReih1TaIBUUudu4/L2XT0gRdFMiPGhTVE9s1U2PXMuAPkm2W5N1U2ADpP+BI20i+/yX/f6vhqxMPpxW6ajZNgeLLtF6iFqeCmtaf+Nk5lP4QjtamDoYS9Q397gf1ozhXiL+sAlIz9fuWUSIsGskmCQmvB8QkLvhqJlf8w63EpZC5niQIxrXJbn/E+R8iPZD5eoLAhw6A/gxoc4ilWzaryfNMjSsDF7knJqWDOtmpipYr/3NzoL4XguWrB86twb/ZQS7YC04wA6kYUBju3NzV9am+pYrnyLn3ucOoIeE0QkzhpRfN8HFJhc0C2r+qdUmIbanBpT+Hqwhruu+5cf/hNR35c+DIF95vqpAikSLwpDE7LyhN8JOjLv3F1QlmOHAbHxkUTpNrJFl8eUOt7bc/hIOtSaNpqLCeS2sJmrdIZ1v4aJtbZjgiwVdd6fNPn/bBxQ6uiDsTgc68xp+CkbEeqXXFcL0vufsL9QBCKX9PYv8PNgqWrD4XFluVPNWtM1XAqAvb7287dtd6NeV+XPss2b80FK9r7jb/h3/+sMCDTVS9LklhBWTk0JJII8lrkmkSOqEViYm+YDefzW53IXdL40NBWvR1PsHiBM8+e7S1CXEowTTaPp6pV4KuUa4EUhQhIaYFAqHtImwKPFOD1Fo9mzIhl+kUvo69udQD5EoYsRuj9c6aVqixfaAHlkh3xzOQQAhw1mCSjfxAaBKF0j0/m6F+PX+aSd2pmqwxOlfv9+Gi/3zqRPTq/xyIuDuCh/65pzlbsGbMIeptMdNhoY8w9q2kEYTMonL4KAqS3FvC6RMfkLk8g+lhfu3XzAHLke3qXj5AZiZ3auo1kpVCYa6egGQRR9n+mkzpOcUQxwp0xzoHLaoEe+w9QpKVjDSEzOsuChYYKOdb23j5bS3BHM4Au8hLiD9LKpCmvRKWoIGUNRCMU73f8LphCsrwAdyudbVruCRF3nhnZAafShVoNxSsvTyv10KJf/aw7ZYgFTWyLS91bD0ZONSMgO1dXMa1oRjkFti9il8cCv7I/EI6A9UW29y9WLn5cmJY/6i3tyJaByckvAWAtenQvTTOTxVrPmHNwGIAGcO6HeMXq50h1+pZnK2BYeKmvXOiQZJjCAyseiR6JqJnHm8+B7qduTi5sKDAEweUlfUQJLRN0goGa6Qqmoac9T44DKwH2Nr5bsNSvbs4cDLfQPSSZqxwPxaeyccLUTVrcv3fCDPObo3+Xc7m+lhEwOIHgojuc+B6+ZQW1y53THG626KsLpLgN3eK3UEjidqO+9BX4oX1MmCx5LN3FElQZD9Ohf0CAfji0MDFCTY5l+8WffXDQsgjtTrZZ6cWdc0IYq1Ear31qahBM/FlB8MJ9sneT8GcAGbRNfAfAznixmQ4EUIop7pQNG8JcXKH+U/a4wXgV0HvkytioB+98rd1R3TyTQUkbf1YowarceqMQZ60l4c6Fg5bcPq/4Acejs6vPsjFeBz1tDymiou1riM4R40CKg54HTG6i1IRkSECAMB3pLgEXLZrWZ+NGB/e/2Owb3ZVXNQSezE3Iurmzl3lyeiEMLoeCmd5Cux43yDUvIIeoYFFWuqsPG4mTfvcXSPj5pCkzZ33/fiw6bfkXA7u6CwvtkozHNxiztZAmWtDe0whACFrf1ixb7r9hXMu5TCTb7SdycxO88NidgEd7Xxrph4BOzDw252ZIHAooxAZfAcQm+GaBVjHFuCx91JVRBaah6Vb1wXY1wyxRebVYdEODtx6kCKUHskWnw/rpt2x27Xb36YfgdTq9LpwFWlt2eSdGMk3U/rOYgkKwMAM3UGRvTITo4NzL/KZyPmjRowTDYbM+E6OqGwT9gkWSXUl5qVpoXNkjM0cFHmHUeliHbwL7JbH7wCUPZsUkq+Nm7f8SJb/5pd9eGEoI8Ih0burDWwoatFHRMfAGURw2ICE9pBlRI+lqHmOqqAzwEi3HQz8Spn4SK5fdjVZLq9UE6zFVTk3K6lpA3eUgM75anWAL3X1/8CKYQ+Sdalr/uEz0hBe1cu0H8mit5fogR/jFHmRTVGMrGWK4WUOmT5bKm5pcguCY+0KDIUrAmh6ixw2/HhRhmMRuGjjT2EOuozLoO9EksBDfmzNtC9bX5bqUjTImPVob3Q24dqQo2VPfnkLPH4TlsMQL3PyJHhcbHIzUIkZN2UsiCYOT5WoI212/trgqXTV5wBjdN0WteemBtETLBcYSg/vVFIJuL0OBh29MLI9rOeF+rQYim3AUZIEA3dKxYRZMCGu7/TRYkoNF8YQdGpHJOXaBQWoMFM9fJuVruL3Wq/onkQxUvr4a6Jot5RzqZlzZSZ+Gk1r5X7K+v1P5lAwoYGi10kcqmHtzBYQk0UcXetmaCLQMkKqhmZcNkUQH9bL547T9pBnk0tV/xuIQt8BKMHsu4EEoTezj+DHd2+0ivXmBm9EZWZRlHNJLHDFrdkYb40ol3miOC3ue7jpV9DYO267A18WIhIrC0z6Ny0iOVIpqn/76uCBhikLgmXJr2Lkf1Zeh+C+y2ias5j9vWsiOiJUM/b4uVNSFNFQQLOSGfkWQfPTcMRCSAsuSTmi6jpazegA6xY89WnpF58QarHixQrdrselRlg+6zgayKIGhHZBiJwExaBsV5WlGtNx4wFxuC3w7KjuuCaaBYv3azXXl7QNiBQLrZcyfOUlfXVtYO9zrogwDD84i0dtmjw/CkuhLzjOHb0PQ9hEMP1X1q9WPTfwBaVLsWvf4hLV4/l9UaH80S3K0Fe2Dx3gOSXwcTE79+ijYss77YjAEoSvKj6UHbRi8OUNGnpvjJt5mK+zvp/Cod/YfyWqMDOx2HJw/nt2AAKvPvTEZ0Xfk1Q3vj07rcDiTjJqpFIwgEQinOJN4vqZ4CqEhBVs0Cz2VjptH3hjznmePTnP+Fe8JqrHir1AMZflnN4tdWSALzZehMBYUN2go6zPCkpv/O0NvS6wVBE50K+tcpy/g53z6HyILRaod+5BZCOP3b6Ip0iSfCXaLegmYQAxO1E1Qc+n5wA0YCjyALC9s2JGGb8aoZlYOD00ijjT3TKADiMvwHBpk7GltpC1TmuzJmV4AEO8CaEwfNTr/fgeACOKIoOJzsvr2foBc+Xiwh+Ton4uSHIR2ZtCn3PtWT9LxR64icYgDzF8hxt3kXOwiiqFkGIU5yAMqfjAzcdyYTcRFNmd1Z5AxTFMko7S4YwlVh9OpV3iW9aqfJ8eqkG7GRVS2E+Z+zWCoJL28YcKHAgwVJf3W70glc84jryqVcLUGDQtfmIvCcyNl573TarGnjhxlHwsyU+uX02AjgptwCWWHTbJUlbE+3nJqSJbjBvxujPn1XHHMXp45+HobVlQwtC6QrJfpofl/qjQJURabmoQ1AGz/H0R7cAgWQ5SQXvMQZ0w8qBgBDxbA08KgQBVw6epUlg2qIYghOzpi6yFML457lfNTG9a0/KFTq+YPVTOpJQ5ACS9gUYcG1jjM1g3r3MDOPj9c2OiH9+I/BX1JfGfsrCab9spUHPeGBgxsfk4fNOpEE91/Kd2gjiXT4WMtHfUwcxsADBKnemuKtBgjitfRPBUPLEXbyYR0ZRsiMgWKurNAwa9uP+lBr6q+63RRqLpjV/WQg1q+tPr5ht2APsXwj41fZvCdf+wmxD95eFWeRIiYkD1D8WOFhZ89KCCX1uinnAybruXiMfDKA/YK+Pntt0zEuAHVvpcvvyJLL9uh4PMj88gg3CltJZv5p+QL1PRr+uqXcjf1h1noAmQ6cIO3xtVkec3YKWyd68WXyu3Y4LCJqHauLPeC+rdxuybgh9HSLK6InQzxShSl3QFwDJzEp4ftnLsc6U+9FF4vBWZHaT3N/Bp6yeJ7JhC9JZmQirxoS6md2w3ScRHoWrkIeZpjmriRkoUdsuyYIteKvVRJqtSSTwqskHHCBVyqp52Qw5yWBtKjXfd8y8W53mOeUPSxXwi/eX6NyS1ts24ylHZTLkcGKcBns4zfgGI44E2OTBWMagW4DNSEAMyPa5WpOvQCDi57SLA1/GZnJ9nTzrC2EdJ7a01ujsg11oT5d9fiplzT4NMY+HChXYiGWt+ktln1TgSTmrvT+D2Jtp3YsTsQ4S/PVggQ3vi1/0gLTiI5lLJb0VRnvUMv/YI202i+V6EF4Q/6zC9qLW2FgWabG8HDeEQcQX9TJRkBoUHNHpJjHH1hQyVIkQrn50h/VoxfHOZAdf1HVKvbOYEjoYoJu8J10MNhF6g55Wl0q90HuMTL4pECw3QW3bCzISheNaPKJuEuP8om/rjL1O5EmiZO1eW3u5e6sxWEKjq0et/iRHzLh17KOWYS3K5OOB9vI8MOh06lsVUiLIs91LmvYobKOv9yuRatT86z0EbpP7CSmjQfQWRgDqbEeeYCXBBZ6ZCFspWTjBwOXOmPXs6mR4EFxgb6yrzItGSY96o5HQL0L3ibubpPWRfpuZ0AYKAw3coOwwM0pyeM335qSEUv7kP/HjHD+Vc4o3GLwbwE5cQJss93CfPF8sOkUIrusdT6ffYQi4IcJMq1ooCAhSGhwrWssEJKKBgzDKe2VDqbZxC2N6rVirTcUH2lnpjWg14WiDDPaTFJ6v2I4MfDaN63sRB2RhtMXNxqzMNz9ijZmkuSUnqmZ3aH9VXT8q7xXWHDknBID0mgJJo3sHd4e71acO6q3wWcGuZz34rv1aIMPuLqZcqVJSkLSO+FBaTdtt/ht+miGk5RWiQc5eHmSNm5ibz4LoV0kPOM84b0O0iERWBT/H9LRYT0PMieDWnGitkmcqKPjI1YN4iy6lBlOvY2D36PJmIhOaZ0XbmsQbgBJw3/mxKKSk4DgF4SfQ52QOHxgTv50P8ZxqXIsz3Bia154BHaxIL+m33DaOQCZo9kuQ1/maJSJAxqwAPbCNHS/Ea/WoiNUCBIr7HrHNNEDyATNbDy3Kr47g2U19GNbDXPzQA4XGkmhr+tLGc/+KWcwl37mOI7VEzY4gAniHaIv0DKMWCq3C1KBS8kf0DT44fodyo1JN9RoQXB4SvCCmiL7opR3TGUdhEELWegGyWeQVkpu5X3SlNno1IrZEEpPLQ6+G5oSdDPJ5U61mqD75A9V81cdqIa/83ofPbVjGaMpmDb9yP30WgVC839cUj5GtE5Jp3GveWZp8boNpHv8VVwL2dHnnxU2PCwZOhiiDdU88G4XQjhkeK8W3zEeGSVebbQZezLQrZxph06Wl0oDj/1qwQTpjbe31N6LwmIo3CkrIObke+PdFiclwe894GUM75gYtgjWbzUIXjuIxd1VHfKN6j3jZfTmOMILDvF868smPZS6gavvIZhOgrbMDVfOaAcqoarZjy4dFjeHsN+T7YvYaBmSIwiOs4TYUOTW3vQ5Jtq9hlqBlWN6LCVjelnsBEvpNOJ88p70RjqFZgQMJN9HZH1kLAVBjYWGSXZbKI1+jhZI6+s+Z+0NNRghfXgVldwKZ5XVfcw67QfPd7BI1zcVbjUURktcyWMjPtuDmuE6q1LnbWVyJFjdEmK5NjRuqw1dSD1PnpMCm22LWY1lLZc8FffDd7UYrVUL6SOL0l1rR7lHcFZXjxaf7RZid963SEmFUpK9ch+TQgT4tupcyKnFzUH2fpG7HBvZ+0XSQf6Uw4MWyGZEva7kKR4ciSOTDQAgrCteFxIbtYcF2icLRRcM6vIp6hfpVWjtiZ73qqazqyzUejzy8J/mTFxLn4kWwndh1O/VfIY5/zaYqG61jsbnEhd0DS3dqDJ+z1h45AMTUMMLz985mf+cf8XA4BapM2eIXXaKuAtN1v8fiPsgq9ikG4RCfSJXBK7vDV296Jdf8K5mBFgZQYnuazqN2ygdi01QqVhOIwvY/JnaPcPu5Iay6/NNd8MOFN+F5KTR59l++anawoQYj+t2xDevsR12+ZtR2C7WtyV43za3M3/I2Y6uvXMBHOvhD1LUSrrMq96OqE+0No2HSyb8YpG2+iiJPm0JAwfN7IVdJkoRCi6C/184WvGFr7K+gpgFq5hw1uoDHvWQg9GipLW8s812PXRVMwrdQ9Ud1PYzQBcvZtePofjDdMugEgyubxF6UtQK3Cj3AwDIzvJLEbwfKRgg9P+oezFSDRpi8znDP8fkKPJTy7swTj4qY+/ZsmE=,iv:BTnH4RFUZiNNLhxUTcsb7Ktzxl7JhUV2JcqtcT96DFg=,tag:wBn2Lul2/TLqEU937Bz0UQ==,type:str]
+ tls.key: ENC[AES256_GCM,data:mvaj64Y7mxPJ2j+p7ZkT4Qodgo6HiUgW0l+bNiCzcr14zhydvCKUNVoyJwY8C3QZKrgrv8WRc8pCoFtqSDWxkdHH8SgmRlAdRSbFIA5ScoJLRIIR1oqUPI+upnypv1wBABCYMMg+Oc4gq9Y9lXAsYxEbfwRvKXmaqwNy1NBCngQj5d2So6M5N+6WIWIpfEETlWNzIX/bLIvkRhdWdOogkqlJoR6Fb1Vi6t8EL8RSLaGjSwKbbKLDmoBg75+ohm4FnrWCM0NG/z4069qN0HFNaEl5SqfX46gM8xlla/bCH90oRz3NRd8rpZHiflxZWbnV/04IiDW/Ddzvxi+DotnRQbWnHWLnHKL/LyVCw0HPLj7mVVxN49+j7ESwrG0XyG7L1P+2Th6RES8ouHlm0SOdkxvNtTfP3lu/RRpV/q/gszk6pd8uV7ZAsiXHu0vgn+zXOhiLowWfP6j8iXHbSDK4C0/hAXl2bv0I+NENhocWTG44U30/qX63lsib+cWpSJ/BX6G/DOwxNjkL10R+Cya5Cd+Z83saX5aUhx0/hy+u/2eoKYsOtllbNrDuWdZC6gtpd1vedXWl/BD9k7cj9h4FyMamY+ToczbVkpahmsKi8U12nQocqzn38oNDyu9hdMQPVMtbEQVgirXbO1vGqQOayK4JBHZxRufixCfdmUuh2Jkvl3IvV5bRdIuMZlzMkZIIL6wHjEGsNI0g7E4xHwwfdt2fJKc6cMVfGdWr2ULmHKzLJYlu4KK8TWzoYfwkjAqmcaGueXR2LdDE+B4ftxr2aYZSUBqR9+rvKjJX4ChOWjxdewCdUT9FKtHER4CaIumfY1yxQbsl8ItHtvZAT3/fi2GuPza+AboU6z0Y9BRqhnk5Iwdd/cuLn+uSmcUBew3tR47RlH+vPDtMXDm83dgf9uQEkcoIXs6xVgEBY/LZ9Rz6s0FWakdJTlQvV7yJWU2pVhJarNk0gcut+kMgS6ZhWIrV5Zwy8dDcM8Vb17n11tsHy5194d5dwwENY9wFgcO1+kG0L8wbwcUwGK5TcCPUMY6180FLfk1HWowvGAcfo/bg8PHikSdWZAZhYqmnGTh6r0kSPsLDSQBtidSM6vdGCXQSHNihNxS74UxIFrhFAmIbb1Iz5ZMYGhiwmoE1MXNkJr4LvynZdrpkqZGNEzOt7dVyADVM8qOKsG8ED/hpYHHvAD6dZRVZPskOP1G3k9GzgM80lm/cKHTKmOLhiSLxjxLysLjObvwWKmCUy1NO02tMG8FHJ48dCHmVRECAOZPnrhcOfwQ7H5+vuQXHQWPeL7g6iiL2VowgFz7Dn2plUpyQfZnuiui6v8MD2KEW6G0sOfBzg6LTwwXVAqKFkdhEyKaSIgH4ZxJYmslFYf/fnkcuTRwXpd0iVMUW7xd5xA/T0FwRj/UbnPca0jfahnxonBpJePXQMBg5Uaz5sLE66IhGeyU5LPvx2HEsBHpW7pmESRYFQ9tCtDvP64NAWsc+nOXMvBqwqAOoO/RmmXWcvV4cFx+d13+CQUgkIP9YplgNUqTMTpioQrCeGUuG5PXc4L9ASOlnBm/fYD6nT4db0uzwl1Ze/y+XmCMIr5TucMa6AhjIarcjiK1sqj9zAjS+Yp1GIv4cEuRpMBpgQsWt0kroXek7YvUBcfIwx1NCQpCQkbaegGvVBcaipClDzrX6xuTHO0yTtmYiQ8f0iCJiSpUvjReIfpBejgRQIUQd0GWliuaOtTG+U5UJ40ppAI6Kgd9jlFclekYIP0Btu4wIvq0V/C81kEzfqgMvjhf8tyX84kGg+26JwDRWQvGFXN+cKGa9Uip+VyUEkrnhhrjeBk6Pxw/OT3pwuwu2E0e3IAQrhn/2A+fvMH6TAo+n21zq7nIof/pOcoF3wX8xSNRR3IrB9cXh7YQkUN9qwWa9J0nJpGBN3SQQl5o2t3E4war3E0AHto/8zG4hlSdVa/37eCfTTUT0Y66xhPgeVrI+5e80BXdD7FJfsV3BvsN/MG27ol/p5cNJQQYrP6RS3YaTrZE/2E1DmFiNcA5TvLtXWC4wDNaH6afm96nf7GicfH0pmpVbl3OF6FoQ5T+ldJ01lVGHDQHVK6UCm6Rs2EZ+gJCjFf6fSx95Fr2R60j2ASYjRE+tfwoRDa11R2Zy8SEsAHGFoBZtDvnMJCS4prTIeB2K57dG7cDwfnqxzIIu+cDFgeMpnAj4I8HhLlUlodz6ioMMI8TooL+4SOJCwFlo1RbK3eHklAcfLu9sm+4fl4cka31FYYnTJWgYnDN2w9k7dwS5rGu7dAqG+Xzq1QMcar8FTxh3Rb2V52/P2X7tcKLfsJQ/If62UDvlKoOlXn+DRmzxbnvgKYtqmVCxlgmoy5CUq2bZj+QXMzpE+jBHYZxn9tjQ8SC/GnEJ43+xD9W6vUjFdlK1UQUY5zLVhgBJF5FxpKinvuxHB3NT0Tvdv0GJnra02Vrcja6BwePbfhaNpmk9Izjy35U3W3qrkwQG5Z3ssZSMj/hQjKEIHaXVQFR8K9HVrLdB2s48yVhJ1ZqPQsIptWdGCn73qjZeaNO9YoomeQjKMwQ6f8PK1DSioesw93IZNDidqrOHabDFx9JyNV5HRjPDuZmKM2isMwGh25ZCnFfTDu5ip7KN6h22xsGdi9g1uuczduzEEtNW9tyJmqgEEgkXnyC427rJjrC/pOiFnTCqlDSjUaQYg5yceF7bj+5WrvDC1G9qjIsvgpXmtofsL8TLiRxwOOlswRZ3APjuEhFGlSSSSXfznvQn5otypAxy7Ewec4FICVBWMoL3R3lpdeRCvqkPbMHIYbdWCizHdwOFTV5JJYeEaDdZwNanyaWeaoBdv02TSVeuO3hqcdbkUSGu/nqtWUA99mnYXbXaYsNJwgt22Mqpv/AEXiT+MUmXEXnrOxZsbdOKYMSAGeyHlsLAx5H517rZJwrRLFNsGXsxO6F6PJt5Rw+9RgvzGOwzfl3q1T3pMfmmL6CnJJ8xDz1TuZGBfHHBKq3t7jbC4T4nTvnCUkRCBYYTYxtGsg==,iv:lX7Oc7b7Rb+RhJMxhMiJhz5oeS1Cp+1m8edirW6rW2s=,tag:ZL3bXjLzaA31JwHv8rjTFw==,type:str]
+sops:
+ kms: []
+ gcp_kms: []
+ azure_kv: []
+ hc_vault: []
+ lastmodified: '2020-11-11T03:32:41Z'
+ mac: ENC[AES256_GCM,data:CVP3ae0L8dNsKcM+kv4J2K7bat+wwZwlfqcGKgDTgqHpXb7oJZZetXWl7WUX0kVYjBjuR+9UkR2za9FNoLvI6tOi+E+xJsKZ6aD5jpCgKptliTiYqTaJUUVVOKAGLcnvo0f3h5msREfF937Ycv86Vlj5/8Zl5GHxniBagk8TEdk=,iv:tZSkn0NO6FZ4GF9RTCLGVc4Ks94Pzrcwa0HTP53mWYQ=,tag:m96rF8OdH5H7zWlOXzS/pw==,type:str]
+ pgp:
+ - created_at: '2020-11-11T03:32:40Z'
+ enc: |
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA93W3Fi3CqSYARAApZNyLFLq1OJWrud1aX2IWOMMdhGr1YUmCNOWewCSLUtl
+ r7XJ0YqZWqdezMcvV+PtTMxPX3Yu7mtfKFHjhUmc2pslvIBP6RjC04uVY2Lf5Obp
+ M1wiGS29agV1uAHFINK0dh46CH3sZLHhRS+NWGdRKb9FvSY9Cpbwi7/d2tyAP/l3
+ Y+9Q8BAnA6KNStzoT42C0vQsw+nUskWdVeEbh2+fn8Peh/NADUP+3uzbKmL8UFNb
+ /MbA+BmtHskuvgC4Ei+KfknD/y2nuJ/pKJxY9WuTxoh7XC14iMakwUIEjnIY7piK
+ 4yx+r6wZkYZnSu3CENojAyooEhcnZgUtl8sHBLpEVPsj7TLxmvMapETrZVWhhMxy
+ 9PAYU43IBZqaMxjAKgXWJFdSX0nE4mkK7vF/l1+PIOYG48bAGh6N37dTi1onhbLA
+ qKBb+7Hi1KWTvx25ELNIg9l2lO7Bctz0zZB3vI8snmORugTCZSR4ZyRJLrAKlVX/
+ iood2azWAoCfVprXA6jmyw5C9ALTUxswgezXAhd3YS5N9GTgLSWhYf78BDC+qN+U
+ 3zcySRHXaQ+nuOz3g4IVOkueBikE9HQOP/ljwcF8ow1QixVdVuH+9VGCbmQGFH4q
+ 6PpX01f1Rnb1kv1VSuViVaoeukzbT4pMpjHQBBMY5CyeIZSwypNOt4k58A8IC/nS
+ XAFSBcw04ZhfQoXTvlIXudHYY1psVPGTPjzAuK0AOpLnFJoUyNVpAg2OrDnyVhkl
+ eS4Mxo/MM6cawMmQFYq5vUjInB0/SdbHrECp7pBh7+PR4tlDTG97hmJrqRu+
+ =XcAA
+ -----END PGP MESSAGE-----
+ fp: 41BFF8BAF2586039F6293D835A2E820C25FE527C
+ encrypted_regex: ^(data|stringData)$
+ version: 3.6.1
diff --git a/examples/complete/envs/dev/secrets/secrets.yaml b/examples/complete/envs/dev/secrets/secrets.yaml
deleted file mode 100644
index 80bf703f53909fa7ae20c653697ba045ae650f36..0000000000000000000000000000000000000000
--- a/examples/complete/envs/dev/secrets/secrets.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
- name: bigbang-values
- namespace: bigbang
-stringData:
- values.yaml: |-
- registryCredentials:
- # The presence of valid username/password triggers creation of appropriate ImagePullSecrets
- username: "" # fill these in with real credentials
- password: "" # fill these in with real credentials
- email: bigbang@dsop.io
-
- # TODO
- ingress:
- certificate: "" # while not secret, put it here to keep a consistent api space for updating certs
- privateKey: "" # b64 encoded private key
-
- # TODO
- database:
- host: ""
- username: ""
- password: ""
-
- # TODO
- gitlab.yaml: |-
- database:
- username: ""
- password: ""
\ No newline at end of file
diff --git a/examples/complete/envs/dev/source-secrets.yaml b/examples/complete/envs/dev/source-secrets.yaml
index d3c4069cb3437d4299d58a1e92238a075db44016..c4b6c2b9261c73a5b782def539721d1f98942d05 100644
--- a/examples/complete/envs/dev/source-secrets.yaml
+++ b/examples/complete/envs/dev/source-secrets.yaml
@@ -6,6 +6,7 @@ apiVersion: v1
kind: Secret
metadata:
name: sops-gpg
+ namespace: bigbang
data:
bigbang-dev.asc: LS0tLS1CRUdJTiBQR1AgUFJJVkFURSBLRVkgQkxPQ0stLS0tLQoKbFFjWUJGNm53WHdCRUFDNkJUNDNhNmRhMVBndXNlRUNnRW0wcVlUa3RaMWhVaGgvZVlKUzVXNFdCSDBiL1Q0VwpYVWlWcUNmWUw5ZkxmMFlzRmZoeCtOK3Q3cWNFclZ5V1QwS2lGcHVPTEwwdjUwYllvUkxQRFErRmFvSjFBOFBsCng0VU5CazVmbVR2emZaYUp1WmFrb2ZENDFnbExBV2s1SC9hUCtBNGE5cTMrc2g5clZhYWdnWGk0WEVuWDdOMGEKZmhhMllJNTd5dVBVT0dyL1VOSFdhTFh0YnZUVTA0QVpHZTMwbE1jSi96L2xGeEVjaGRPNGVySHJlWDFScmZ1UQpsYThPYkhzNjlNamkxT0ltcXM0OGNlVy9PYVdNRnVDVmJWM29GWG5sTC9XKytzelVyTGVyMmlWT0J4bUlJb0RFCjhUeC9VOXgweGQ4N04zWWkvOEF5eC9qbStaNlowSlVmYVNCNUZhNmJqOXAzQXp1NEY0TGs0MEh5Rm5QNmt1UEsKQ2Rseld5dHVaNVk1bmQ4eSs0Y3lNZ2dCcGQ1UnF2dVRWbndmdk5FOFczSEROYzhmdGVRbVNiSUFkeVMyV1VzZwp2NTFwZEk1OUt2RmlRNjFyZUZRL3NFSnVDTnJVd1lvMGZma0MxUm1PT2t3TzYvSUVSUHpucFRHd3V4SFJocTBkCk1abHMxdDlBYUo4Z3pBZ0hwMVNDcGpWNWh1NDN5Z2YxUXNLazVTT1JVeFJwOFEzdnpWa2VJNFp2bGhPaS9CUkMKU09vRWNHS1R0SjhkOFQ1WnNraVRsc0ZrYmppdjd0Mld0YXE4QzJkV1YzWTNnT0ZmYStORXhZbHNhNENhZ3hocwpOdjlwNldUTm1ZanRJOVpOM0FMZDJ3alk2c3hjZGJyZ2MrVGlRNWNPbVJOMjNNUG00aGlzdkZFbCtRQVJBUUFCCkFBLy9SYlNkUWNzM1pSUVZBL3BuNUxZSjZJYjFZM2FpeU1zb251djdaL0ROTmJiczRzWWNzK2kwd0UvSXpudnYKRXpSWUtVRDZYa3J5Rm8wdFROVmhzbmwwOEtRa0dqeXRqL3ZNVW5UWlJYa1JiZDhoajVPZm5zVUxHSHhhZGZ4SAp1TkJBenM4YW9ncUU3OW5VbGFTcnQxcEEzR1lKY3hVbzBoNFJJL2x1ZlFySEg5NkZWVUpQQUJScmtsL1FSSmNjCmxIT250SkNtY1ArLzNIOE5nNHJWbjVKVjFxYkJodjk5QSsyRzNmZFFCUHNGSE1YanJlM1NMTFhLYVU5QlJqQmYKN28velJxWU9yaHZJQ2NZaVFNSjUyY1Nud2NYNmJXVnhZdVU4U0IySW5mOGFwNGlGaXJ2VElQbDh3QUcreElzNQpRVWxoSFhCVXB6TEVGRmxKa3ozVUEzY3pVVWZsQ2RPWEtnd3owb2M4ZGJXUDgxa3FhaUxGTStYdnlDNGE1VldHCjE4SzZ0a1Zwc1RSQ2RyZTZoWmxucWczWnB5ZE52bURjQ3ZyVVA5RkF0VjhLbXJmbThDWStzR3ZmYlp2Sm1IMWoKR0dHd2pQd1Ftb3J6YkFaR1hnQXVEcEdMdlJPNXRwMjBBQXlOU0dqZnFDck5JcnQyUnRFdlNMN0VvMXhXSks0Vwo1T3pwV3lYUVBORUl6dWFBZVhCUmpZZExMQlZIRlU4VEoxcmlTbTZKdmNoUENqVytkbE9PNVIyRERaa3QvVkpnCk1zaFJOcWJYd1RXTmRpTW42Wnd4bXR0eGpuckZNS3AzZmVDZXREdDFpYVVZUmFuWVFHUFcybE9yU1hCK0ExMXYKV29ya1Y1TzUvTDNuUWI3MmN2SWJaNWNyeDREemlWVG5TSzJqcndxZTZYVU1OUGtJQU1UOXdCU0JjQ3RWY2RObwpMcURHUzR6VFk2YUJIcm1CVzdTQ0RyRlA2MzhvZTF1ak8vdXhMU3kwdUs5d1R4Tm1VSjVHcXF3aW1UdEhmcDNaCkhzdmlTelJyZXBXMHQxbDBDaWw3dEFyU1hkVWttam5EeDBZUFk0Y09rNlY1SUNWWTBKbU85dzZKZ2tHYnpjSGMKdGpNSFIvdy8xbW9ub3BwMmx3eWpvU0ExeHRTZjRpS2dnc2EvZW5JMnh3aXFQOXdNR0cwSE83ZWRvRVd1djdiMApWZ2Y4ZkQ4Ylc3R24xQ3VjQUROT1orQXFOcVVOSUdIWHZDOHBlNlpkaUY2YlZpQ3JJdG1aNkZjbzlpMVBMaXlUClpHTWFWZ1NqY1JyVm9zVlBDRjBwWXRIaWVlZWNsK0wvUkZ3UUdFMkl3Q1VvdGJHUVNlS2tsUFlzdWJtK1FvbCsKRTZKMlE5c0lBUEcrTkErYzJkdlNCZHFKbmQzWnNHaUFXQkxHVERZa0NENjlyNjdQR2F0YWZsVFFwa2Q2N2ZnWQp3a2pSRFhURlBWWDlQVjNrRzZyYXZ2Uk5sNlFzVEpocU4zcEx4RXNLQlhiOUpGUHZMQlBmLzhyNzVacUczUFM3CmJUZzJNL3BJV3NTU0xRUVVJZlRiVE9ib0RzL0lmUFpaczlDVytMbFFPSjkvbVZGVzA4bHV4cHAwWWtQWjBmakQKM2VrTkxBcXpiWXZIbENiRkFkc2p3Vzl2cnFGTGdPb1haNXNZVEl0Q0x3OG5VMnJudWJ6eENySTNiSUFRQ3N5VwprMVF1YWc5UUdINGg5Sy9OdmRWSTlwUGdXSWRHTjJJUjBxZkF0Zkg1ZHZZcmFDaWhZbGhuVFVVekM4OWRLYlczCnJQemhpbks4cjIzODBDZElsZTZLMWl2TS9RSUhUN3NIL2lteUVEM3JDSW96dzhHMWE2eWJUekVGdUxIaWdCUUgKUzFVRFlaYUd4c0NJaS9YaUFYSjJKb3lvU2tGNzlWNGJtSU8rOG9qT2V2OUF1WlNVNTRYSlNqRkl6THF1L0JBSwptYlZpQUdjS1VrQVVyOXZGOUg0TGpmb0hWTEhKQ3NaY056bG9samVDTHlyUlUvMkRLeWZwUGJ2Nm54Y29xTnVUCnZUaGlaUm1EaDQzT0gvQnFTQkIvQ3luWDd5TmJEdnNRSTdMdUwwSmpmQTE1dTVEZEVibGM1c09VNjR0TEFIU24KWDM0UXB3bkxHbU1Ca0hPOTRnUWFMWmlGUkdENjBCK0VUeWRoeFM4Sm50SVdDeWZ5bXVPK3hFTldUNWxsbWxYTApNVktBcWJlTUQ2TFY5SE5ySWxGOW5oMHNkM2tqUkNlRndNanE2dGJhZmxvMk02b3QvUWRnZlhCNkdyUTdZbWxuClltRnVaeTFrWlhZZ0tGTm9ZWEpsWkNCRVJWWkZURTlRVFVWT1ZDQlBUa3haSUd0bGVTa2dQR0pwWjJKaGJtZEEKWkhOdmNDNXBiejZKQWs0RUV3RUlBRGdXSVFSQnYvaTY4bGhnT2ZZcFBZTmFMb0lNSmY1U2ZBVUNYcWZCZkFJYgpBd1VMQ1FnSEFnWVZDZ2tJQ3dJRUZnSURBUUllQVFJWGdBQUtDUkJhTG9JTUpmNVNmRWtWRC85a25IejluMzRGCnRkRlhLbmYvQXJ0dlhWZDNKTXl4UjE0dWNMTjNWN0FPSldQelMzNjduRmswdXNUdDFDbjRGYkRKd0t3dzFnSmkKUjBIMW9ndU41SnFuakI3aStVelpSQjFoVngxRk10SnZFcmlaUjR0MTZ2cENRd3p0eS9Sa1dmVzNyazkxOW9mawpzOVkzNlVIZFpvZjM1Y2F6UmpKeWJYaGgydFpkb0NHeHArU1htYzEwcTJYVG1CSzRZTnU4aU9jbkptZ0tLeGt1CklXVXQ2YkFUK0hkZnNVdjJINS92aUpkT1JqWjQ2RDBacDJLZGV4cld6M0xja0dBWEt1R25LeVNUSWU4cXlkRTcKbGpYbGh1ZHdjdWtKZmI2Q2l5NmVJdmdlQWxramRlVEhCN1NIK1A4QTUyYThzTUZ5U3FGY0lXVE1Tdi94WHFTbApqYzRGMHcvQ0ZGeXMwaHpnN3RxSEF6VmxVQUNyd3BhLzZnci9wZU1VVUNJdjlUQmZkNENIVS9WZHdwa3dJQmN0CmRwYkwxMlFBMGgwR0NsSHhHaDNJaG1wMnVGVkVickVhYXkrQ2ExQWxLTWdiaDBKZ0ZCSnpHV0owY3NpRHdYZkYKcVN4R1dVcmFwa0Q5WktpY1o1dm8vbGNLaWRmMGpSemxueFlpdnhiOFY1RzExWksycUNzMmtUZjA3U3lFcW1LOApmNTcrci9kNk0vdlRaSG01VUF1Z0pHb0ZkemJrb1E4cHhpdzhwck1INUpVd3JHUko0MHdIK2djSWxqWmFZVENiCmljZmJmcldueStwY3p6aDdndThacmRBdTZOejJPdVYxSUZjZ25GQzZrb01YQlU2RnFsVitlVkdaMjdjYzk5RmMKM0ZoYWNCd2NjTFlKUlJMditLOXhIdlNxMGlzMGdnWHRpSjBIR0FSZXA4RjhBUkFBcVlLSHpDWlVkK0lSaEdrRgpGQ3ZxR3JRL1g5SUt2WlA5b2FTT1BES3c2cUo5VHluMEppZE53RWxxZjRPZ0xjdzgwLzE4c2pBNklGeVZvL1hvClB6Zi9qaHFhNmRBdUpMREhpczZWOEZLMjNVTlZxOG56YjdSZ2JEU1hjU3JkSmRBd2dwVlRHaUJJUWlUa1dlbmkKcE9IbkpqNEVlWjRoUjFvNUw1R2RvVHlhWHp1UGxwZVErcXRKVjJERXdJTmF3bk9zVGYzVWhaaHRHbUc5NlB4bApkbmdnNjFxTXNYaHpYcXJoaVJLZHNBQmYrOTlvUkZzUU41akh4TjVGVnpPSGJXZnZFcXJWKzgrQ1UvMXF6UFRJCmtNVm1NTEt2WkgvS1hsKzFRd05acTlScnRSRk83dGxaS2FBelIrOHEvTTBOTTQyL0xiVjVFTVZBenV1eDdOVE0Kc3hERFFrRndDL0g3d2EyTDNzNVh2T3ZpVjJGZmIvMWhVcDFEa1BPeHM3OHhqV3NTcEJ0QmdvcERvR05sTGU0VgpoYVhFVWdRYjRYdmZSdERsYVZseDd5dVllUHVzN21lQ3dqODhwUVJsMlRnTGhDM1NRV1c0YXJMSHVGUFIzY2NDCkIzbG1iQjFGMnEzNlhENi81RU9zV1NWN1NJSklRanZlMCsvaXMzS0dhUTNwL3Vvam90V3hEeUVjdm5jWGs4bmUKZ0pBQXZaK05oWmR6My9KRTJKVHhDWDdud3RGMXljZkdWYWM2aGNFVUpIbDlZdUhZVVF1UFZwSWZBUHUyemR0ZApWa1EyZG83bkxGS0s0NDROajVxNzhOTyt0THA4dCt3WTFPQXdYaGUxaUZjMitHSnlWdkQwQlkrZWV3MnhocEI2Cm1GUEJZc2dzTE9HbDU0anZpOVlNV1dzVW1tVUFFUUVBQVFBUC9BbmpXbWFYU2RBZ2VPTWZlVE5mQ0czOFc4SU0KTDZJMWN0TXVGVG4vdndCQThFeGc1eVFlb05ONXRPT3hXdk93K1U5b2R4Q3g3WUlieElMbkFtQkZ0UHVtSTZsRwpBcHNUVU9DUkFvQWRZeHR2SlIwN1Q1OFJoNXBvU3ZsSUJkU0IyNEtTa1dGeHhxVk5INkQ3R3NTQmhRbGZEc1hGCmFxMk4zczRla1hKcFpadnVqb2E3V3JLMHNUZU9wb3VRWGdmLzFXcExSMDF2d2RXTEpCZm1PVWo2NHZpM3RJTloKd21rZ1VMMjlQME9ZRWdGUVcvVzQxaTVZRkRjd3ZCekZIYjVORk00aTl3NlVZVWJpL29yc01KTDVZT2V3VkxqcApGM1gvNFVRQ2V3V2lBNUp4YXdoVjEzU3RLckNraS81cE83N3BJdURZdURJNVAzbVNtRE4zaW1WYnNmZ2dIMXJRCjNYOFNwYm5DVGtOOHNqLy8wOFhXTkV2SFpRZ2MyTFVSUjZEZ3ZVMXkzNkFCdW9wT3cydkRSSndDWG9obUlmUXgKbERnQVlvUUR5UHhvMnZ1UGszM1UycEd0R003d3ViUjd3U3M2OWZWdXQ0cnlra2FpaEgxNHRuQTI2V012RmdzMApROGI3aG56NTFWNUFGRW1tcEk4RGxUb0VXRkdjY1FwRnJrQzYrV0UzWEVuTFJUWGlnS1piRlZob2hXUndiSGxzCndsTmVoSGR5UWRJN1lsRU1MTlFQVEJnZFhCWHNoRitWeUJQai9vTm54TXJvdEovNGFoQklSdm04R2RCbG44amkKRVZiMnlMNUpDVWZhckUwTWdLVy9uVWJzRkN3eVFrQlVEYVIvdWhnWmhsYmJ2ZGFUZVBXcEkreHBJdTdKUmR3TgpPOHRMZzMyNk5RTnkxbUdoQ0FERTFUZHhTa25oS285RC9Xejh4UjF3MUlWRWllZGJMWjI2OXVpSmRxajFNcGs3ClkwTGt3aEx0YWdzRVZrbGMvU1d6VDRzaW9aQUpWb2JnQTVVQ2JJUXZVTldEZHF0M1FXWU1QcUgvUTByUUhZZmIKNzNndG1Wc2xaWFdHVFdJdXZ3UFExcjhtdTRmenEyRDk4MzlEMGdyM0VpdmlYWEFSaTMrRlNqakJLTHV5Y2J3cQpkZGoyNGFCVXdmTGY0RXgzUjNJekdoRUpsSFBpTVYwbjE5T0p4Mko1c0RwdkhiL05tdGVieUtVRXRmcFFSYlIzCjJ2dk1UOU00YlVxWm5Lc2xkYlpZZkRpZzl2SHl0TFFIZ29PVGRBQW10bkxDTW1jaTZoa0tBQm10WGs3aS9EV28KZGJaTTY5MUVicExZK0ZwRVhLWElTdkFuVEZaRnY3dGN0dm5QUyttcENBRGNkcjI0YzkyMDQ3cEhEYWRCc29IcgpkLzBqY0JpVVZFSS9DVWZESEF1Yjl4Q3dRS0FkM242MWFjcUs1djQxL2ZibXhaNS95TUhzQkxhR3diVk82YUtICnVCUEhTeERZQlNkdDl3NGtnLzFid0ZtYUR3TmpKaDBjaVRPOWRzYlJFMWgyckNpUXdXUUs5d1AwTkhXYmxPYlUKeWlwdDJKcFdsWHRDS3U1dFE0dVc2THNwQlc0S3NPVThGRmxaSy9rdGtBeEtLL0xsNFFWSThGUTBTN3cwYjlVcApHMUx2NnZ3MDBHa1EvRFRxZEtuOG5xTmphUzAwVkdQZHpXSW5mRjJCT0F1M3RoNFhXTkF2Rmx2VEFKVVk2RGlrClJJdTVxeEE4S2NyQUFHUkRoMVQzTi8vMkNFdUJWQnd4RmVCOTRhRENmekdpc040OG1ueDd0OHpnenhHS0hmaGQKQi8wZnJ4Z0RneUpmc3U3MjRYYTJoUTh6WFVoNEdiYXY4YVdINmF5K1ZQVUw3bzhacmpXN09hQjVWNmVBdjBGUwpnM2YzM2JkekJSY0gxSHMxQVhWckpWS1B6Mk5UbVk3NEVSSkg3Qkp4T21xMDlTc1hGQ1JPeXZHaW8xSkoxVm9jCm8vbUR5SDVCWWFsbjY5UWU0UUdYTFJQMlF4NVR5OEtjY05EcEJWRG02YlhnTFhaK1NxUUZlZFVpdkswcEMzYUQKbFc2eUhManorWUhwWk1ydWxmR2JCa2dKMml6SDJkWTFEUWZDbjhTcGRReG5aNW5PRDNtYU0zSTJRdTVlM20rawp2NVN1SlJXQVkvZnBwUlY3WDRvK0p0NnpaSEViMmF6blRYQ3I0R2NySGsycytFdS9GV1FHVjBpbmtWTTQvci9vCno4Mlo0ZEZvekhzQWZtL3piTzJXbVZUZmZTMkpBallFR0FFSUFDQVdJUVJCdi9pNjhsaGdPZllwUFlOYUxvSU0KSmY1U2ZBVUNYcWZCZkFJYkRBQUtDUkJhTG9JTUpmNVNmQXBqRC85Mk9RTDdUbnBBemFSR05NMDFPMUtVTGFHVApkYWsvZkVwa2NUMTFrMWRKeDY3b1NrdmRvYWlSK1NMbWsvaHJJVmJ1MWxINzd3b1JYcmxpdHRCSmFkbExsbDFoCnFkSGd1RHdBQ0Q3QVZpMkZhdlRvTVNVSHF6L01NaFVkS3Jvd3lPdmVGbSsweCtSeFFoWTlId2lzbGRpZ1pyT2UKajNWdFZRR2NHSU5YYmFOdUdUSUNScU5nMXhDdmdzMm9EU0d0VE1DU2N1ZzNMTUVnaEpYUGVIZHdyVy9HcFJoMgo4WkxIbS9Qem1NMTRUUjhpV2pmWkVNMDZ0djZxaGc2NUVMNEVtNG5XUXdRbjgwbnFtNGMwWnk2RjlKd2tmbnYxCm1rVGJISnBUUDQ4SWlQNW12WGVtNHN5R0JhSFZ2RzlMdXpKZUxCV09qdUVQQUFBTCs2QzR2UkZhK29KL09PaU0Kb0xVbWVyMjg2ZDV6cWJwb05PVjI5RUMvYS9uc2ZBMTZNWHhXQmNTV0s5ZHlxekc3K1pjTEZSRHdkdmhkYzNrWgp3eXhOR0hocHROVHAwU3hkb2JBa0N5R3VFMVJTNWtuWUNjTTJ0dnZFVmxhUHNzbldoVlQ4OXMzYndVWnl6eU05CkllM0FuSTBZajNqVFZnRU9IaUdpMVpleFNNa3NTSEZzVG93Rk1TUXF0L0FJV25tL0tPZ1E3dkFLbjUxVFdaTW8KZ0lKakMxelMwZjlYalpiZzFTdWRUanF5TkJjRDc3cEVFZWxsUHZ2V2ZFd2VIeHY3UTBKamhKMFNBNTZsM0ZSRgpYZm0wSGY2a0lMSEV4MEVGbElkTXNPTFp6c3Y4UzRuRkdjN2RzTzBKdHdWTW5FWm9VN1J4M3BQQkpaZGx6akYvCnQzZ2xmTnNFSnI2YTdKQWltdz09Cj1mM1I0Ci0tLS0tRU5EIFBHUCBQUklWQVRFIEtFWSBCTE9DSy0tLS0tCg==
@@ -14,19 +15,20 @@ apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: GitRepository
metadata:
name: secrets
+ namespace: bigbang
spec:
interval: 1m0s
# NOTE: We could use the same "bigbang" repository, but secrets are usually committed to a consumer owned repo,
# so we are demonstrating that here with a new `GitRepository` resource pointed to the same repo
url: https://repo1.dsop.io/platform-one/big-bang/umbrella.git
ref:
- branch: valuesfrom
-
+ branch: certs
---
apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
kind: Kustomization
metadata:
name: secrets
+ namespace: bigbang
spec:
interval: 5m0s
sourceRef:
@@ -34,6 +36,7 @@ spec:
name: secrets
namespace: bigbang
# See the NOTE above
+ # NOTE: This points to a folder _without_ a kustomization.yaml, flux generates the kustomization.yaml for us with resources comprised of all the files within the folder
path: "./examples/complete/envs/dev/secrets"
prune: true
decryption: