Resolve "Bug: Flux Install script was updated to leverage a broken/buggy IronBank Kustomization Controller" (!734) · Merge requests · Big Bang / bigbang

Mark Sanchez requested to merge 584-bug-flux-install-script-was-updated-to-leverage-a-broken-buggy-ironbank-kustomization-controller into master Aug 09, 2021

Summary

Update command for Deploy your SOPS private key to work with current version of flux.

# registry1.dso.mil/ironbank/fluxcd/helm-controller:v0.11.0        
# registry1.dso.mil/ironbank/fluxcd/kustomize-controller:v0.13.0   
# registry1.dso.mil/ironbank/fluxcd/notification-controller:v0.15.0
# registry1.dso.mil/ironbank/fluxcd/source-controller:v0.14.0

Older flux version can utilize the secret when generated with gpg --export-secret-key --armor ${fp} | kubectl create secret generic sops-gpg -n bigbang --dry-run=client -o yaml --from-file=bigbangkey=/dev/stdin | kubectl apply -f -

When using latest version of flux the secret must be generated with .asc extension

gpg --export-secret-key --armor ${fp} | kubectl create secret generic sops-gpg -n bigbang --from-file=bigbangkey.asc=/dev/stdin

or else you will get the following error

Group 0: FAILED
  CEB7F6F3F629F774608360DE198438480DB3E1E9: FAILED
    - | could not decrypt data key with PGP key:
      | golang.org/x/crypto/openpgp error: Could not load secring:
      | open /tmp/decryptor-environment-022459279/secring.gpg: no
      | such file or directory; GPG binary error: exit status 2

Closes https://repo1.dso.mil/platform-one/big-bang/bigbang/-/issues/584

Edited Aug 09, 2021 by Mark Sanchez

Admin message

Resolve "Bug: Flux Install script was updated to leverage a broken/buggy IronBank Kustomization Controller"

Merge request reports