diff --git a/gitlab-runner/templates/gitlab-secret-sealed.yaml b/gitlab-runner/templates/gitlab-secret-sealed.yaml deleted file mode 100644 index 47f3cee..0000000 --- a/gitlab-runner/templates/gitlab-secret-sealed.yaml +++ /dev/null @@ -1,56 +0,0 @@ -#apiVersion: bitnami.com/v1alpha1 -#kind: SealedSecret -#metadata: -# creationTimestamp: null -# name: gitlab-secret -# namespace: gitlab-runner -#spec: -# encryptedData: -# runner-registration-token: AgAp5TsqtVCMYNKC/H/VetcFBKKJsab6xzxDuycgBzJdXg3cgklvlh5rlRIeINHHYzRUATPg7xeU0BtvJ9UG8dgWV9Bx7pq2hUEGB0MSNQE1HdTBE4avbMOAbsXiPLefYoeGm7nPHvRS5m+1x2gY1VuvE4wpqdO04ROrBceJP6e1dtDKkmNfqg4V1laB9Y69d68iLIN6lJ3Jh2x4HD9AREftBh0vfFuX1MOivAJ40ZzruhqBvtRn5BMdsk4eRyIZdfeO0SLPm4OV1/KUW3LbRq/BdxKvuEovF0CM9vsBGfgFKWNdBmbM52X4HUVeuSQXmNFzUIOCQcxFPFFRguxfQmjtBAsICGCvOlL89iNIoc12g0ZBdwDZYKx/MjeJDrdPWUlfMW/RvHEWzsBOu/rb1RljEvx1PTFuCInEPaLd/sHs3xyf4QJpzNw5M3uRav009UQf6cwseFKoJTbZVxg4QfJj3HSdPRfk6nfebcwJVm8niw5jy+tA1TtqGfCtHMKNNsctHQV/0eHf2MPyrNyWHBnhylDPxA7aKq0RaWff+rRkbEKL7ODHR7xkCKbV3gYt2gBrN4Fif9G0yLGP0Oz70L1aR8Xuh2VfF314/EPTE+fSYXexr6lzMCGbQS//DQQy0DvV1i8wgno9n6jBPYOOkSUaSexKDLWtB5uXpkbBPVXzw7npZZNe1kyid58CYnulXpJZtfyhUlVvc+hJTaZ6K0pVwVqg/YxvA+AdI9lKiw== -# runner-token: AgBrQtK4/1DwadqCWigyPQyU6n/x67pXEEVCVDVTd8yX3yREBXxTkRNlbYiNgMSegZyymnTCg8mIN9VLuwlLUM1EEHh6sAyIQBQCdNryXtpXAC55PY0iRuV/ztbQl8Sf+rLzL+2Jsq7hXKLL3Mam41ZW36pVWcN3msZac0ScOdHy5J2jWuTFiGF23FPDUSOWKB9ZtYgSTtLmXBiYHiwA8INerY0UXt0/BptYKui7rT6GKHWUvLTaLXlAb3lFiHzj2rLmuvo1IF5Ld6EtLKOOmTYAOvd3hVTt5KAc+6O/UEa7/OZ7jLC8WvfSWobd4HTe3drZyOlLpEiwpxpftdMEaZGL/kBKl+TM6rbxLlEIwiR9Zr2cCbqQ5R8GydPsCqbYaPDrQkLwXxaOvZXMtNJA5f86Ukg1sy9r/MO7T9sfgKzUF25iyqoBHy0EqQjNIQ7CHSMQ8Llfi3Qf9Jybb/WQz8urEpaOB7mQrtV2yU4LAkhql/ppPMD6ZErW2FQ6+ESiuTRAmkZm7XlQkxA5oKHQn7PhK/OYRAPcRBFjYdDTAb1gAtpti77W3HHUqU/u1sH6pjo4mVg0QepwM04X5T55LmAAK5PWgyu7fHZaQVkEEet3TsjHCHo4L3gt4so/5KtMneKrFJgExbxHi5tzLCMNuEbgXQ7NOa3Y8Lj0KxV2odeoKZUSrxhuGbAhbnFuqmOb28/GsTI/dLnMXwhRe2//KE11mhDa3A== -# template: -# data: null -# metadata: -# creationTimestamp: null -# name: gitlab-secret -# namespace: gitlab-runner - ---- - -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: vault-gitlab -spec: - secretStoreRef: - name: vault-gitlab - kind: SecretStore - target: - name: gitlab-secret - data: - - secretKey: runner-registration-token - remoteRef: - key: gitlab/runner - property: runner-registration-token - - secretKey: runner-token - remoteRef: - key: gitlab/runner - property: runner-token - - ---- - -apiVersion: external-secrets.io/v1beta1 -kind: SecretStore -metadata: - name: vault-gitlab -spec: - provider: - vault: - server: "http://vault.vault.svc.cluster.local:8200" - path: "gitlab" - version: "v2" - auth: - kubernetes: - mountPath: "kubernetes" - role: "external-secrets" \ No newline at end of file diff --git a/gitlab-runner/templates/secrets.yaml b/gitlab-runner/templates/secrets.yaml new file mode 100644 index 0000000..0f16b08 --- /dev/null +++ b/gitlab-runner/templates/secrets.yaml @@ -0,0 +1,37 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: vault-gitlab +spec: + secretStoreRef: + name: vault-gitlab + kind: SecretStore + target: + name: gitlab-secret + data: + - secretKey: runner-registration-token + remoteRef: + key: gitlab/runner + property: runner-registration-token + - secretKey: runner-token + remoteRef: + key: gitlab/runner + property: runner-token + + +--- + +apiVersion: external-secrets.io/v1beta1 +kind: SecretStore +metadata: + name: vault-gitlab +spec: + provider: + vault: + server: "http://vault.vault.svc.cluster.local:8200" + path: "gitlab" + version: "v2" + auth: + kubernetes: + mountPath: "kubernetes" + role: "external-secrets" \ No newline at end of file