diff --git a/kubernetes/apps/crossplane-system/crossplane/app/helmrelease.yaml b/kubernetes/apps/crossplane-system/crossplane/app/helmrelease.yaml index 952d21b59..c9037c748 100644 --- a/kubernetes/apps/crossplane-system/crossplane/app/helmrelease.yaml +++ b/kubernetes/apps/crossplane-system/crossplane/app/helmrelease.yaml @@ -25,3 +25,6 @@ spec: uninstall: keepHistory: false values: + provider: + packages: + - ghcr.io/vshn/provider-minio/provider:v0.1.0 diff --git a/kubernetes/apps/crossplane-system/crossplane/ks.yaml b/kubernetes/apps/crossplane-system/crossplane/ks.yaml index 7497f120b..737814741 100644 --- a/kubernetes/apps/crossplane-system/crossplane/ks.yaml +++ b/kubernetes/apps/crossplane-system/crossplane/ks.yaml @@ -18,3 +18,25 @@ spec: interval: 30m retryInterval: 1m timeout: 5m +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app crossplane-minio-config + namespace: flux-system +spec: + dependsOn: + - name: crossplane + path: ./kubernetes/apps/crossplane-system/crossplane/minio-config + targetNamespace: crossplane-system + commonMetadata: + labels: + app.kubernetes.io/name: *app + prune: true + sourceRef: + kind: GitRepository + name: home-kubernetes + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m diff --git a/kubernetes/apps/crossplane-system/crossplane/minio-config/kustomization.yaml b/kubernetes/apps/crossplane-system/crossplane/minio-config/kustomization.yaml new file mode 100644 index 000000000..a35755a99 --- /dev/null +++ b/kubernetes/apps/crossplane-system/crossplane/minio-config/kustomization.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./providerconfig.yaml + - ./secret.sops.yaml diff --git a/kubernetes/apps/crossplane-system/crossplane/minio-config/providerconfig.yaml b/kubernetes/apps/crossplane-system/crossplane/minio-config/providerconfig.yaml new file mode 100644 index 000000000..aea64c6a9 --- /dev/null +++ b/kubernetes/apps/crossplane-system/crossplane/minio-config/providerconfig.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: minio.crossplane.io/v1 +kind: ProviderConfig +metadata: + name: minio-config +spec: + credentials: + apiSecretRef: + name: minio-credentials + namespace: crossplane-system + source: InjectedIdentity + minioURL: http://minio.default.svc.cluster.local:9000 diff --git a/kubernetes/apps/crossplane-system/crossplane/minio-config/secret.sops.yaml b/kubernetes/apps/crossplane-system/crossplane/minio-config/secret.sops.yaml new file mode 100644 index 000000000..69525982b --- /dev/null +++ b/kubernetes/apps/crossplane-system/crossplane/minio-config/secret.sops.yaml @@ -0,0 +1,27 @@ +apiVersion: v1 +kind: Secret +metadata: + name: minio-credentials +stringData: + AWS_ACCESS_KEY_ID: ENC[AES256_GCM,data:3qLrlpnlfXlhVwjGrIsD9A==,iv:MTW03m2lFzpcjOG7p9qBHvtPrEZN+Nil/oT5DeI+m78=,tag:eGJn100G69dGgS3Bydt4Sg==,type:str] + AWS_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:pDr3UJueK3iKCoSaE7anAp5uClriFaadz5/Eruksf59Mh3sZiRnR6MHVx+KvxXo7DYIzx+KD30i/G7JjrY/nRqNRZgqb0mB3NHSJ4t71qJWQaoCUP1TDW+XOqu1bUXWoXsej1Ldh5LFvczPf8N3YX5RlqdrL39HO+6HsbhtBIi8=,iv:4CdF5L0zx3ijf+QFiYyZC8e4ULA6q0uA+P+KT2Adadk=,tag:+mnPDfLM+RFJEvNUXx27sA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1w68rvrv30t2xfm42ctr02vurav5222065pl03ys6ps5aklraq42s4jeyjl + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzNGhJUlJIUTFVT3BVSVc0 + andKZENwK0NFazBTYzJRZTBCMlZZODlHSGk4Cjh2bFI5SnBSS1Z6MTQ0RUNyZlR4 + MnBVNUVab3l5UFMxZ1ZWcXpoOUtaU0EKLS0tIGNHbXZRZGI5cjV3dm1mM2VaUTY4 + S0tkSkVhY0RiNjZVSTlLVStIQTNTUXcKo5iNXp8U2j6JaBswmXo1YFjnFGW0h2Ns + mY3qj8Peqg1Bi4hjdTdlso4Y7gjWoZGO+9gPa3m9RFJBUioxO0giHQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-02-05T04:01:30Z" + mac: ENC[AES256_GCM,data:TJaGMFZp6ALZ2lw8QHKWvxi6HC0/eP4zAVA0ixryk8SIPOKVfS4qVWt5SV92HNRtegONcUMQ83P54ouSKUMnXBcnVY2XqxCzpuriQxaBJWr7B7wAjaP3/Dtu1UZrbp3YnwFKEFKQXx61rNi9rRtlTU3yKHKziXvOkbjsDN4Ikes=,iv:UB96KMQ3KaOfQe8dT1MJdHYLyrR4e1tmb0I47uzF17c=,tag:G0RwXwX7FPlCA6h/wQMM3A==,type:str] + pgp: [] + encrypted_regex: ^(data|stringData)$ + version: 3.8.1