diff --git a/.taskfiles/bootstrap/Taskfile.yaml b/.taskfiles/bootstrap/Taskfile.yaml new file mode 100644 index 0000000000..dede222c48 --- /dev/null +++ b/.taskfiles/bootstrap/Taskfile.yaml @@ -0,0 +1,114 @@ +--- +# yaml-language-server: $schema=https://taskfile.dev/schema.json +version: "3" + +vars: + GITHUB_DEPLOY_KEY_FILE: "{{.KUBERNETES_DIR}}/bootstrap/flux/github-deploy-key.sops.yaml" + TALHELPER_CLUSTER_DIR: "{{.KUBERNETES_DIR}}/bootstrap/talos/clusterconfig" + TALHELPER_SECRET_FILE: "{{.KUBERNETES_DIR}}/bootstrap/talos/talsecret.sops.yaml" + TALHELPER_CONFIG_FILE: "{{.KUBERNETES_DIR}}/bootstrap/talos/talconfig.yaml" + +env: + TALOSCONFIG: "{{.TALHELPER_CLUSTER_DIR}}/talosconfig" + +tasks: + talos: + desc: Bootstrap the Talos cluster + dir: "{{.KUBERNETES_DIR}}/bootstrap/talos" + cmds: + - '{{if eq .TALHELPER_SECRET_EXISTS "false"}}talhelper gensecret > {{.TALHELPER_SECRET_FILE}}{{end}}' + - '{{if eq .TALHELPER_SECRET_EXISTS "false"}}sops --encrypt --in-place {{.TALHELPER_SECRET_FILE}}{{end}}' + - talhelper genconfig --config-file {{.TALHELPER_CONFIG_FILE}} --secret-file {{.TALHELPER_SECRET_FILE}} --out-dir {{.TALHELPER_CLUSTER_DIR}} + - talhelper gencommand apply --config-file {{.TALHELPER_CONFIG_FILE}} --out-dir {{.TALHELPER_CLUSTER_DIR}} --extra-flags="--insecure" | bash + - until talhelper gencommand bootstrap --config-file {{.TALHELPER_CONFIG_FILE}} --out-dir {{.TALHELPER_CLUSTER_DIR}} | bash; do sleep 10; done + - until talhelper gencommand kubeconfig --config-file {{.TALHELPER_CONFIG_FILE}} --out-dir {{.TALHELPER_CLUSTER_DIR}} --extra-flags="{{.ROOT_DIR}} --force" | bash; do sleep 10; done + - task: apps + - talosctl health --server=false + vars: + TALHELPER_SECRET_EXISTS: + sh: test -f {{.TALHELPER_SECRET_FILE}} && echo true || echo false + preconditions: + - msg: Missing talhelper config file + sh: test -f {{.TALHELPER_CONFIG_FILE}} + - msg: Missing Sops config file + sh: test -f {{.SOPS_CONFIG_FILE}} + - msg: Missing Sops Age key file + sh: test -f {{.SOPS_AGE_KEY_FILE}} + + flux: + desc: Bootstrap Flux into the Talos cluster + cmds: + - '{{if eq .GITHUB_DEPLOY_KEY_EXISTS "true"}}kubectl create namespace flux-system --dry-run=client -o yaml | kubectl apply --filename -{{end}}' + - '{{if eq .GITHUB_DEPLOY_KEY_EXISTS "true"}}sops exec-file {{.GITHUB_DEPLOY_KEY_FILE}} "kubectl apply --server-side --filename {}"{{end}}' + - kubectl apply --server-side --kustomize {{.KUBERNETES_DIR}}/bootstrap/flux + - '{{if eq .SOPS_SECRET_EXISTS "false"}}cat {{.SOPS_AGE_KEY_FILE}} | kubectl --namespace flux-system create secret generic sops-age --from-file=age.agekey=/dev/stdin{{end}}' + - sops exec-file {{.KUBERNETES_DIR}}/flux/vars/cluster-secrets.sops.yaml "kubectl apply --server-side --filename {}" + - kubectl apply --server-side --filename {{.KUBERNETES_DIR}}/flux/vars/cluster-settings.yaml + - kubectl apply --server-side --kustomize {{.KUBERNETES_DIR}}/flux/config + vars: + GITHUB_DEPLOY_KEY_EXISTS: + sh: test -f {{.GITHUB_DEPLOY_KEY_FILE}} && echo true || echo false + SOPS_SECRET_EXISTS: + sh: kubectl --namespace flux-system get secret sops-age &>/dev/null && echo true || echo false + preconditions: + - msg: Missing kubeconfig + sh: test -f {{.KUBECONFIG}} + - msg: Missing Sops Age key file + sh: test -f {{.SOPS_AGE_KEY_FILE}} + + apps: + internal: true + dir: "{{.KUBERNETES_DIR}}/bootstrap/talos" + cmds: + - until kubectl wait --for=condition=Ready=False nodes --all --timeout=600s; do sleep 10; done + - helmfile --file {{.KUBERNETES_DIR}}/bootstrap/helmfile.yaml apply --skip-diff-on-install --suppress-diff + - until kubectl wait --for=condition=Ready nodes --all --timeout=600s; do sleep 10; done + preconditions: + - msg: Missing kubeconfig + sh: test -f {{.KUBECONFIG}} + - msg: Missing helmfile + sh: test -f {{.KUBERNETES_DIR}}/bootstrap/helmfile.yaml + + age-keygen: + desc: Bootstrap the Sops Age key + cmd: age-keygen --output {{.SOPS_AGE_KEY_FILE}} + status: + - test -f {{.SOPS_AGE_KEY_FILE}} + + encrypt: + desc: Encrypt all Kubernetes SOPS secrets + cmd: | + find "{{.KUBERNETES_DIR}}" -type f -name "*.sops.*" | while read -r file; do + if sops filestatus "${file}" | jq --exit-status ".encrypted == false" &>/dev/null; then + sops --encrypt --in-place "${file}" + fi + done + preconditions: + - msg: Missing Sops config file + sh: test -f {{.SOPS_CONFIG_FILE}} + - msg: Missing Sops Age key file + sh: test -f {{.SOPS_AGE_KEY_FILE}} + + clean: + desc: Clean files and directories no longer needed after cluster bootstrap + cmds: + # Create backup directory + - mkdir -p {{.ROOT_DIR}}/.private + # Clean up CI + - rm -rf {{.ROOT_DIR}}/.github/tests + - rm -rf {{.ROOT_DIR}}/.github/workflows/e2e.yaml + # Clean up devcontainer + - rm -rf {{.ROOT_DIR}}/.devcontainer/ci + - rm -rf {{.ROOT_DIR}}/.github/workflows/devcontainer.yaml + # Move bootstrap directory to gitignored directory + - mv {{.BOOTSTRAP_DIR}} {{.ROOT_DIR}}/.private/bootstrap-{{.TS}} + - mv {{.MAKEJINJA_CONFIG_FILE}} {{.ROOT_DIR}}/.private/makejinja-{{.TS}}.toml + # Update renovate.json5 + - sed -i {{if eq OS "darwin"}}''{{end}} 's/(..\.j2)\?//g' {{.ROOT_DIR}}/.github/renovate.json5 + vars: + TS: "{{now | unixEpoch}}" + preconditions: + - msg: Missing bootstrap directory + sh: test -d {{.BOOTSTRAP_DIR}} + - msg: Missing Renovate config file + sh: test -f {{.ROOT_DIR}}/.github/renovate.json5 diff --git a/.taskfiles/flux/Taskfile.yaml b/.taskfiles/flux/Taskfile.yaml index 63da7018a3..dbd0453f68 100644 --- a/.taskfiles/flux/Taskfile.yaml +++ b/.taskfiles/flux/Taskfile.yaml @@ -6,7 +6,7 @@ vars: # renovate: datasource=github-releases depName=prometheus-operator/prometheus-operator PROMETHEUS_OPERATOR_VERSION: v0.77.1 # renovate: datasource=github-releases depName=kubernetes-sigs/gateway-api - GATEWAY_API_VERSION: v1.0.0 + GATEWAY_API_VERSION: v1.2.0 CLUSTER_SECRET_SOPS_FILE: "{{.KUBERNETES_DIR}}/flux/vars/cluster-secrets.sops.yaml" CLUSTER_SETTINGS_FILE: "{{.KUBERNETES_DIR}}/flux/vars/cluster-settings.yaml" GITHUB_DEPLOY_KEY_FILE: "{{.KUBERNETES_DIR}}/bootstrap/flux/github-deploy-key.sops.yaml" @@ -20,7 +20,6 @@ tasks: - kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/{{.PROMETHEUS_OPERATOR_VERSION}}/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml - kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/{{.PROMETHEUS_OPERATOR_VERSION}}/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml - kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename https://github.com/kubernetes-sigs/gateway-api/releases/download/{{.GATEWAY_API_VERSION}}/standard-install.yaml - - kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/{{.GATEWAY_API_VERSION}}/config/crd/experimental/gateway.networking.k8s.io_grpcroutes.yaml - kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/{{.GATEWAY_API_VERSION}}/config/crd/experimental/gateway.networking.k8s.io_tlsroutes.yaml - kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --kustomize {{.KUBERNETES_DIR}}/bootstrap/flux - cat {{.AGE_FILE}} | kubectl -n flux-system create secret generic sops-age --from-file=age.agekey=/dev/stdin diff --git a/.taskfiles/kubernetes/Taskfile.yaml b/.taskfiles/kubernetes/Taskfile.yaml index a38cf1b5b8..4484fb769e 100644 --- a/.taskfiles/kubernetes/Taskfile.yaml +++ b/.taskfiles/kubernetes/Taskfile.yaml @@ -6,13 +6,48 @@ vars: KUBECONFORM_SCRIPT: "{{.SCRIPTS_DIR}}/kubeconform.sh" tasks: + apply-ks: + desc: Apply a Flux Kustomization resource for a cluster + summary: |- + PATH: Path to the Flux Kustomization resource from the apps base dir (required, e.g. network/echo-server) + NS: Namespace the Flux Kustomization exists in (default: flux-system) + cmd: > + flux build --namespace {{.NS}} ks {{base .PATH}} + --kustomization-file {{.KUBERNETES_DIR}}/apps/{{.PATH}}/ks.yaml + --path {{.KUBERNETES_DIR}}/apps/{{.PATH}} + {{- if contains "not found" .KS }}--dry-run \{{ end }} + | yq 'with(select(.apiVersion == "kustomize.toolkit.fluxcd.io/v1" and .kind == "Kustomization"); .metadata.namespace = "{{.NS}}")' - + | kubectl apply --server-side --field-manager=kustomize-controller -f - + requires: + vars: [PATH] + vars: + NS: '{{.NS | default "flux-system"}}' + KS: + sh: flux --namespace {{.NS}} get kustomizations {{base .PATH}} 2>&1 + preconditions: + - test -f {{.KUBERNETES_DIR}}/apps/{{.PATH}}/ks.yaml + + reconcile: + desc: Force update Flux to pull in changes from your Git repository + cmd: flux reconcile --namespace flux-system kustomization cluster --with-source + preconditions: + - msg: Missing kubeconfig + sh: test -f {{.KUBECONFIG}} + + kubeconform: + desc: Validate Kubernetes manifests with kubeconform + cmd: bash {{.KUBECONFORM_SCRIPT}} {{.KUBERNETES_DIR}} + preconditions: + - msg: Missing kubeconform script + sh: test -f {{.KUBECONFORM_SCRIPT}} + resources: desc: Gather common resources in your cluster, useful when asking for support cmds: - - for: {var: resource} + - for: {var: RESOURCE} cmd: kubectl get {{.ITEM}} {{.CLI_ARGS | default "-A"}} vars: - resource: >- + RESOURCE: >- nodes gitrepositories kustomizations @@ -22,14 +57,6 @@ tasks: certificaterequests ingresses pods - - kubeconform: - desc: Validate Kubernetes manifests with kubeconform - cmd: bash {{.KUBECONFORM_SCRIPT}} {{.KUBERNETES_DIR}} preconditions: - - msg: "Missing kubeconform script" - sh: "test -f {{.KUBECONFORM_SCRIPT}}" - - .reset: - internal: true - cmd: rm -rf {{.KUBERNETES_DIR}} + - msg: Missing kubeconfig + sh: test -f {{.KUBECONFIG}} diff --git a/.taskfiles/talos/Taskfile.yaml b/.taskfiles/talos/Taskfile.yaml index 2742d5556a..5f1c2a2203 100644 --- a/.taskfiles/talos/Taskfile.yaml +++ b/.taskfiles/talos/Taskfile.yaml @@ -13,71 +13,6 @@ env: TALOSCONFIG: "{{.TALOS_DIR}}/clusterconfig/talosconfig" tasks: - bootstrap: - desc: Bootstrap the Talos cluster - dir: "{{.TALOS_DIR}}" - cmds: - - task: bootstrap-gensecret - - task: bootstrap-genconfig - - task: bootstrap-apply - - task: bootstrap-install - - task: fetch-kubeconfig - - task: bootstrap-apps - - talosctl health --server=false - - bootstrap-gensecret: - desc: Generate the Talos secrets - dir: "{{.TALOS_DIR}}" - cmds: - - talhelper gensecret > {{.TALHELPER_SECRET_FILE}} - - task: :sops:.encrypt-file - vars: - file: "{{.TALHELPER_SECRET_FILE}}" - preconditions: - - msg: "Missing talhelper config file" - sh: "test -f {{.TALHELPER_CONFIG_FILE}}" - - status: - - test -f "{{.TALHELPER_SECRET_FILE}}" - - bootstrap-genconfig: - desc: Generate the Talos configs - dir: "{{.TALOS_DIR}}" - cmd: talhelper genconfig - preconditions: - - msg: "Missing talhelper config file" - sh: "test -f {{.TALHELPER_CONFIG_FILE}}" - - bootstrap-apply: - desc: Apply the Talos config on a node - dir: "{{.TALOS_DIR}}" - cmd: talhelper gencommand apply --extra-flags=--insecure | bash - preconditions: - - msg: "Missing talhelper config file" - sh: "test -f {{.TALHELPER_CONFIG_FILE}}" - - bootstrap-install: - desc: Install the Talos cluster - dir: "{{.TALOS_DIR}}" - cmds: - - echo "Installing Talos... ignore the errors and be patient" - - until talhelper gencommand bootstrap | bash; do sleep 10; done - - sleep 10 - preconditions: - - msg: "Missing talhelper config file" - sh: "test -f {{.TALHELPER_CONFIG_FILE}}" - - bootstrap-apps: - desc: Bootstrap core apps needed for Talos - dir: "{{.TALOS_DIR}}" - cmds: - - until kubectl --kubeconfig {{.KUBECONFIG_FILE}} wait --for=condition=Ready=False nodes --all --timeout=600s; do sleep 10; done - - helmfile --file ./apps/helmfile.yaml apply --skip-diff-on-install --suppress-diff - - until kubectl --kubeconfig {{.KUBECONFIG_FILE}} wait --for=condition=Ready nodes --all --timeout=600s; do sleep 10; done - preconditions: - - msg: "Missing kubeconfig" - sh: "test -f {{.KUBECONFIG_FILE}}" - upgrade-talos: desc: Upgrade talos on a node cmd: talosctl --nodes {{.node}} upgrade --image {{.image}} --preserve=true --reboot-mode=default diff --git a/.taskfiles/workstation/Brewfile b/.taskfiles/workstation/Brewfile index 0d31dc6785..6442f0c15f 100644 --- a/.taskfiles/workstation/Brewfile +++ b/.taskfiles/workstation/Brewfile @@ -1,6 +1,6 @@ tap "fluxcd/tap" tap "go-task/tap" -tap "siderolabs/talos" +tap "siderolabs/tap" brew "age" brew "cloudflared" brew "direnv" @@ -13,8 +13,8 @@ brew "kubeconform" brew "kubernetes-cli" brew "kustomize" brew "moreutils" +brew "siderolabs/tap/talosctl" brew "sops" brew "stern" brew "talhelper" -brew "talosctl" brew "yq" diff --git a/.taskfiles/workstation/Brewfile.lock.json b/.taskfiles/workstation/Brewfile.lock.json index 370f305d1f..bd49df1a0a 100644 --- a/.taskfiles/workstation/Brewfile.lock.json +++ b/.taskfiles/workstation/Brewfile.lock.json @@ -2,250 +2,228 @@ "entries": { "tap": { "fluxcd/tap": { - "revision": "cec52c8828013668a22836bc04a9a764fdcb1962" + "revision": "a18af48f47e734f2bd0a2e252cead828fbb7c671" }, "go-task/tap": { - "revision": "100e8b72428727dac26fc61027332972d14db047" + "revision": "e67229269bbe8c0a7c1716d7579ec1df3995683d" }, "siderolabs/talos": { "revision": "e006523c1933e02f9eb0de4f43df3fc067ce70a6" + }, + "siderolabs/tap": { + "revision": "0fd1d52d928f4976f1ae8bdc02ecfcf9490e5d14" } }, "brew": { "age": { - "version": "1.1.1", + "version": "1.2.0", "bottle": { "rebuild": 0, "root_url": "https://ghcr.io/v2/homebrew/core", "files": { + "arm64_sequoia": { + "cellar": ":any_skip_relocation", + "url": "https://ghcr.io/v2/homebrew/core/age/blobs/sha256:6e542c3d7bb343de9e711514736debc8af9cbeb01a26b903ba13ac5b6514bece", + "sha256": "6e542c3d7bb343de9e711514736debc8af9cbeb01a26b903ba13ac5b6514bece" + }, "arm64_sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/age/blobs/sha256:fb6ae25bd119151a8d3449a170c0893a515ab89646bac0889d45ed849ddaab67", - "sha256": "fb6ae25bd119151a8d3449a170c0893a515ab89646bac0889d45ed849ddaab67" + "url": "https://ghcr.io/v2/homebrew/core/age/blobs/sha256:41e4ed7ff1849806a4144c68fd6ea0607000b6ab9968e658664e2846764b5acc", + "sha256": "41e4ed7ff1849806a4144c68fd6ea0607000b6ab9968e658664e2846764b5acc" }, "arm64_ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/age/blobs/sha256:e8c3818aeeb7eea70eb6b5bc3ea0cce27362a859b198fb74a00db98c6580785b", - "sha256": "e8c3818aeeb7eea70eb6b5bc3ea0cce27362a859b198fb74a00db98c6580785b" + "url": "https://ghcr.io/v2/homebrew/core/age/blobs/sha256:94cfc2ee8b79c165388e74c3ab53cb824f3ec3043e6d8cecb4016dce0e6d7c31", + "sha256": "94cfc2ee8b79c165388e74c3ab53cb824f3ec3043e6d8cecb4016dce0e6d7c31" }, "arm64_monterey": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/age/blobs/sha256:ac5bba583073cc0b27cfc6d4429ba0f35b0f19713db12c053fefd81f37596024", - "sha256": "ac5bba583073cc0b27cfc6d4429ba0f35b0f19713db12c053fefd81f37596024" - }, - "arm64_big_sur": { - "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/age/blobs/sha256:54ea15cf68dcc78e96564825785b348d4f84c76042742b1ddf3cb3db2eb3c0fc", - "sha256": "54ea15cf68dcc78e96564825785b348d4f84c76042742b1ddf3cb3db2eb3c0fc" + "url": "https://ghcr.io/v2/homebrew/core/age/blobs/sha256:365a092bba65b870b2a171fc81f893fa43d8c025c2f257926de0c3431529fa2f", + "sha256": "365a092bba65b870b2a171fc81f893fa43d8c025c2f257926de0c3431529fa2f" }, "sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/age/blobs/sha256:e7bc0bcbc06642ab6b2489df76bee825a6b967f080c8d8c2046639dcaf7dc6ce", - "sha256": "e7bc0bcbc06642ab6b2489df76bee825a6b967f080c8d8c2046639dcaf7dc6ce" + "url": "https://ghcr.io/v2/homebrew/core/age/blobs/sha256:bac09b266d274fef97330251550355444ae86d771aa36ac657da06e04c3c502f", + "sha256": "bac09b266d274fef97330251550355444ae86d771aa36ac657da06e04c3c502f" }, "ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/age/blobs/sha256:93bbcd6f694b2cc9a35ade57d2a9b39059bc6afd27528bd3dacd01bebd901ef9", - "sha256": "93bbcd6f694b2cc9a35ade57d2a9b39059bc6afd27528bd3dacd01bebd901ef9" + "url": "https://ghcr.io/v2/homebrew/core/age/blobs/sha256:69d5ab672aab414d7f4e7867ac8aedaae24b65bbae275aeecca2ca2a2532c871", + "sha256": "69d5ab672aab414d7f4e7867ac8aedaae24b65bbae275aeecca2ca2a2532c871" }, "monterey": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/age/blobs/sha256:8f7a53819cbc634ab0f496ef6d8b2ae9cf9ceacabfd2e195c3277c5161aedcfc", - "sha256": "8f7a53819cbc634ab0f496ef6d8b2ae9cf9ceacabfd2e195c3277c5161aedcfc" - }, - "big_sur": { - "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/age/blobs/sha256:bdfdb069c08d9c8062bd1f6b951000ee9fdcd8fe57e50a4e522ee508931569df", - "sha256": "bdfdb069c08d9c8062bd1f6b951000ee9fdcd8fe57e50a4e522ee508931569df" + "url": "https://ghcr.io/v2/homebrew/core/age/blobs/sha256:50180ad28dff70d139b3577b94b66dac48767bf6b957ba0c7bf0ccecb7f58722", + "sha256": "50180ad28dff70d139b3577b94b66dac48767bf6b957ba0c7bf0ccecb7f58722" }, "x86_64_linux": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/age/blobs/sha256:035ffde6b73ec870c742ed42b4fb4a0709ba1fc9394fee63b2689a2d0c9d84d8", - "sha256": "035ffde6b73ec870c742ed42b4fb4a0709ba1fc9394fee63b2689a2d0c9d84d8" + "url": "https://ghcr.io/v2/homebrew/core/age/blobs/sha256:33f74dae7dff519afbbcf200af30a1953f2707be25d03f8f912d1c43e5556ec8", + "sha256": "33f74dae7dff519afbbcf200af30a1953f2707be25d03f8f912d1c43e5556ec8" } } } }, "cloudflared": { - "version": "2024.2.1", + "version": "2024.10.0", "bottle": { "rebuild": 0, "root_url": "https://ghcr.io/v2/homebrew/core", "files": { - "arm64_sonoma": { + "arm64_sequoia": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/cloudflared/blobs/sha256:38eac82efb2a98421b811b61ac8821e3a4b7def103710e401d40e6c44e2a1326", - "sha256": "38eac82efb2a98421b811b61ac8821e3a4b7def103710e401d40e6c44e2a1326" + "url": "https://ghcr.io/v2/homebrew/core/cloudflared/blobs/sha256:f644d93f8451b54abf627ab0585d11073c6f10992d8b14c1b33e52d5d4f9f5dd", + "sha256": "f644d93f8451b54abf627ab0585d11073c6f10992d8b14c1b33e52d5d4f9f5dd" }, - "arm64_ventura": { + "arm64_sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/cloudflared/blobs/sha256:8172034b5a966c42c8c9f98fb0490c54bb0892f0e7db54b1faed96a214c6897e", - "sha256": "8172034b5a966c42c8c9f98fb0490c54bb0892f0e7db54b1faed96a214c6897e" + "url": "https://ghcr.io/v2/homebrew/core/cloudflared/blobs/sha256:d091d33aa14cd5172fc69fc818a4ce7c936390c8b31bd10ddac0364aee5a9abc", + "sha256": "d091d33aa14cd5172fc69fc818a4ce7c936390c8b31bd10ddac0364aee5a9abc" }, - "arm64_monterey": { + "arm64_ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/cloudflared/blobs/sha256:2f9695a3266bfb3e5f3782090bf2814a148ae898c984c5ddd0192643ba471e0a", - "sha256": "2f9695a3266bfb3e5f3782090bf2814a148ae898c984c5ddd0192643ba471e0a" + "url": "https://ghcr.io/v2/homebrew/core/cloudflared/blobs/sha256:3ff64e3a250e4d6eb01320eba08f59b2eb260fc6eb8bf506f4c31e2051973789", + "sha256": "3ff64e3a250e4d6eb01320eba08f59b2eb260fc6eb8bf506f4c31e2051973789" }, "sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/cloudflared/blobs/sha256:e6b2bd9b0b96e838bee8d6d482a6321c6287235436b723c03ce098600c009570", - "sha256": "e6b2bd9b0b96e838bee8d6d482a6321c6287235436b723c03ce098600c009570" + "url": "https://ghcr.io/v2/homebrew/core/cloudflared/blobs/sha256:0c02de00ceceb57a88c41ec6f47fd52284c75628babdfeb2680cb9dfedf7b84d", + "sha256": "0c02de00ceceb57a88c41ec6f47fd52284c75628babdfeb2680cb9dfedf7b84d" }, "ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/cloudflared/blobs/sha256:ccc2b355d68bdf729fddcb8d730ef1d36a1e83f2e0a8354c039e1aecdabf2838", - "sha256": "ccc2b355d68bdf729fddcb8d730ef1d36a1e83f2e0a8354c039e1aecdabf2838" - }, - "monterey": { - "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/cloudflared/blobs/sha256:980bd828d071446bd54bd60328480dbf0f4ef2438c23f0623c3fbb46547516cd", - "sha256": "980bd828d071446bd54bd60328480dbf0f4ef2438c23f0623c3fbb46547516cd" + "url": "https://ghcr.io/v2/homebrew/core/cloudflared/blobs/sha256:4b479f89189b44beb337a9376ac6f9339c411f07eb41bc407782817cc4bb2e83", + "sha256": "4b479f89189b44beb337a9376ac6f9339c411f07eb41bc407782817cc4bb2e83" }, "x86_64_linux": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/cloudflared/blobs/sha256:6965da150ac3f5f5eacbc37daf483ab84df026b11f2ecf6538eb77b640af0749", - "sha256": "6965da150ac3f5f5eacbc37daf483ab84df026b11f2ecf6538eb77b640af0749" + "url": "https://ghcr.io/v2/homebrew/core/cloudflared/blobs/sha256:c92c6c7c9f8d747c61c8ec50510dbb7c79815215385f9648f0a945cc43029f67", + "sha256": "c92c6c7c9f8d747c61c8ec50510dbb7c79815215385f9648f0a945cc43029f67" } } } }, "direnv": { - "version": "2.33.0", + "version": "2.35.0", "bottle": { - "rebuild": 1, + "rebuild": 0, "root_url": "https://ghcr.io/v2/homebrew/core", "files": { - "arm64_sonoma": { + "arm64_sequoia": { "cellar": "/opt/homebrew/Cellar", - "url": "https://ghcr.io/v2/homebrew/core/direnv/blobs/sha256:b1795e6743e0bb769f92d07aa5d2401c57b7bee715fc68894c2f5d1c95aba013", - "sha256": "b1795e6743e0bb769f92d07aa5d2401c57b7bee715fc68894c2f5d1c95aba013" + "url": "https://ghcr.io/v2/homebrew/core/direnv/blobs/sha256:555680f965bef99d45f35f938d1152be6d585a98b2d92833c9b511705726b7e5", + "sha256": "555680f965bef99d45f35f938d1152be6d585a98b2d92833c9b511705726b7e5" }, - "arm64_ventura": { + "arm64_sonoma": { "cellar": "/opt/homebrew/Cellar", - "url": "https://ghcr.io/v2/homebrew/core/direnv/blobs/sha256:1c2d6d8b0bdc071b4344600ec914dd52f521c3d21f9fd38a6e218e65cc50fb36", - "sha256": "1c2d6d8b0bdc071b4344600ec914dd52f521c3d21f9fd38a6e218e65cc50fb36" + "url": "https://ghcr.io/v2/homebrew/core/direnv/blobs/sha256:576094be0687c6c9a3aa145a8edfed09848cb9285ce304f6a206239c22674292", + "sha256": "576094be0687c6c9a3aa145a8edfed09848cb9285ce304f6a206239c22674292" }, - "arm64_monterey": { + "arm64_ventura": { "cellar": "/opt/homebrew/Cellar", - "url": "https://ghcr.io/v2/homebrew/core/direnv/blobs/sha256:1e365c468da6a471f28c21ef11871641f8414d1c45b9710509884a9aa8b6fe78", - "sha256": "1e365c468da6a471f28c21ef11871641f8414d1c45b9710509884a9aa8b6fe78" + "url": "https://ghcr.io/v2/homebrew/core/direnv/blobs/sha256:749c61fb5908b45ae922e191156d1c1c85e92184ae4aa50356727cb006e4eaff", + "sha256": "749c61fb5908b45ae922e191156d1c1c85e92184ae4aa50356727cb006e4eaff" }, "sonoma": { "cellar": "/usr/local/Cellar", - "url": "https://ghcr.io/v2/homebrew/core/direnv/blobs/sha256:cd4b008579b836b43778c197cfa953cb3934505db0e65053ae5a9d4c10155c60", - "sha256": "cd4b008579b836b43778c197cfa953cb3934505db0e65053ae5a9d4c10155c60" + "url": "https://ghcr.io/v2/homebrew/core/direnv/blobs/sha256:78822d0960892dd2dc7cf12cd1bebd1739452a1087e084a379fa5857ad7d563b", + "sha256": "78822d0960892dd2dc7cf12cd1bebd1739452a1087e084a379fa5857ad7d563b" }, "ventura": { "cellar": "/usr/local/Cellar", - "url": "https://ghcr.io/v2/homebrew/core/direnv/blobs/sha256:55781935916235989a46904640a4728a0a3dc24228db7cc9dbac5954b95e52dd", - "sha256": "55781935916235989a46904640a4728a0a3dc24228db7cc9dbac5954b95e52dd" - }, - "monterey": { - "cellar": "/usr/local/Cellar", - "url": "https://ghcr.io/v2/homebrew/core/direnv/blobs/sha256:6b0c4abed5b230f6e3112df41f9019dd8291a5cb3c82e3337471e2b4aa5e28ea", - "sha256": "6b0c4abed5b230f6e3112df41f9019dd8291a5cb3c82e3337471e2b4aa5e28ea" + "url": "https://ghcr.io/v2/homebrew/core/direnv/blobs/sha256:a3f6dc3e38e4bc941f7bcf2c9391cd628ca012580f8430bbab0c8ad0a77ebe06", + "sha256": "a3f6dc3e38e4bc941f7bcf2c9391cd628ca012580f8430bbab0c8ad0a77ebe06" }, "x86_64_linux": { "cellar": "/home/linuxbrew/.linuxbrew/Cellar", - "url": "https://ghcr.io/v2/homebrew/core/direnv/blobs/sha256:65deffe8cb70793402e4ac64655d9805b0b84f174fe8a32dd0722d1781bc4a1f", - "sha256": "65deffe8cb70793402e4ac64655d9805b0b84f174fe8a32dd0722d1781bc4a1f" + "url": "https://ghcr.io/v2/homebrew/core/direnv/blobs/sha256:6c55923c4fb0ebe30e96bc5909fa94543591cf36b2e5d72cff697c5e7c540139", + "sha256": "6c55923c4fb0ebe30e96bc5909fa94543591cf36b2e5d72cff697c5e7c540139" } } } }, "fluxcd/tap/flux": { - "version": "2.2.3", + "version": "2.4.0", "bottle": false }, "go-task/tap/go-task": { - "version": "3.34.1", + "version": "3.39.2", "bottle": false }, "helm": { - "version": "3.14.1", + "version": "3.16.2", "bottle": { "rebuild": 0, "root_url": "https://ghcr.io/v2/homebrew/core", "files": { - "arm64_sonoma": { + "arm64_sequoia": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/helm/blobs/sha256:db9203deb4e0836c6bec566017cbbc225ecc62b7925217aca49f784f38cb30b3", - "sha256": "db9203deb4e0836c6bec566017cbbc225ecc62b7925217aca49f784f38cb30b3" + "url": "https://ghcr.io/v2/homebrew/core/helm/blobs/sha256:13ad3314a8d2eda0a9fdc822adb7117107cb1df214012245370e3756918222ac", + "sha256": "13ad3314a8d2eda0a9fdc822adb7117107cb1df214012245370e3756918222ac" }, - "arm64_ventura": { + "arm64_sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/helm/blobs/sha256:81522c395cee87e80b24dea02c5968c05a54939a846a89dbdbbb2fceea53797a", - "sha256": "81522c395cee87e80b24dea02c5968c05a54939a846a89dbdbbb2fceea53797a" + "url": "https://ghcr.io/v2/homebrew/core/helm/blobs/sha256:ca9adda46f918e7b6c33349ce871a65c3a82f308539ab910396c802d3dfd08da", + "sha256": "ca9adda46f918e7b6c33349ce871a65c3a82f308539ab910396c802d3dfd08da" }, - "arm64_monterey": { + "arm64_ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/helm/blobs/sha256:d346ba8be0b6d70aaf61dee99bcc6e8f7b384f7eb936f059ccc1d1e68df0f73c", - "sha256": "d346ba8be0b6d70aaf61dee99bcc6e8f7b384f7eb936f059ccc1d1e68df0f73c" + "url": "https://ghcr.io/v2/homebrew/core/helm/blobs/sha256:2bcf7612097cf01e16695a53bf33ff8794e4de114847c14e7bebdd430ed249f5", + "sha256": "2bcf7612097cf01e16695a53bf33ff8794e4de114847c14e7bebdd430ed249f5" }, "sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/helm/blobs/sha256:68ff72edb2329cecc800dd93f72998b53999cf94953a1ec5f8a26f5c9e630490", - "sha256": "68ff72edb2329cecc800dd93f72998b53999cf94953a1ec5f8a26f5c9e630490" + "url": "https://ghcr.io/v2/homebrew/core/helm/blobs/sha256:41256c21b0ea9ecea53c31675ef0dc2e683f83feafd664a8bb6e170fbc705645", + "sha256": "41256c21b0ea9ecea53c31675ef0dc2e683f83feafd664a8bb6e170fbc705645" }, "ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/helm/blobs/sha256:dc594e585fafae33f4ed5b05756b755ee496876e4eb3608f8482b86d8865dcf9", - "sha256": "dc594e585fafae33f4ed5b05756b755ee496876e4eb3608f8482b86d8865dcf9" - }, - "monterey": { - "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/helm/blobs/sha256:f2f2e7b9555ec5c33fec394c54efaba084ccee1611f81e21e22d69a38bb09ce3", - "sha256": "f2f2e7b9555ec5c33fec394c54efaba084ccee1611f81e21e22d69a38bb09ce3" + "url": "https://ghcr.io/v2/homebrew/core/helm/blobs/sha256:575f55d49da92c7679c285bdc17056b5df25ea277f74e951e35024da0c7c019d", + "sha256": "575f55d49da92c7679c285bdc17056b5df25ea277f74e951e35024da0c7c019d" }, "x86_64_linux": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/helm/blobs/sha256:3e70555fce39c649316a48579ae5cbbd80aee3dc0e6e51c9b279f787d08ac62e", - "sha256": "3e70555fce39c649316a48579ae5cbbd80aee3dc0e6e51c9b279f787d08ac62e" + "url": "https://ghcr.io/v2/homebrew/core/helm/blobs/sha256:d13febc5a4916a8f8c7c9918365c27fd862279c5c540ee7d4896b4ebd142402e", + "sha256": "d13febc5a4916a8f8c7c9918365c27fd862279c5c540ee7d4896b4ebd142402e" } } } }, "helmfile": { - "version": "0.162.0", + "version": "0.169.0", "bottle": { "rebuild": 0, "root_url": "https://ghcr.io/v2/homebrew/core", "files": { - "arm64_sonoma": { + "arm64_sequoia": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/helmfile/blobs/sha256:311e5560ae22554c7e0d6aa102f9fa1419eb33ee14a15b1108e994f0d342bfca", - "sha256": "311e5560ae22554c7e0d6aa102f9fa1419eb33ee14a15b1108e994f0d342bfca" + "url": "https://ghcr.io/v2/homebrew/core/helmfile/blobs/sha256:ebb390acb8fc2a96c59b66dce3fffa11860b4d16f39b10d00cedadcc77dcc94f", + "sha256": "ebb390acb8fc2a96c59b66dce3fffa11860b4d16f39b10d00cedadcc77dcc94f" }, - "arm64_ventura": { + "arm64_sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/helmfile/blobs/sha256:4fd84529f5150e43177455af400122478812f58b255b8986a70bae7ba58d07de", - "sha256": "4fd84529f5150e43177455af400122478812f58b255b8986a70bae7ba58d07de" + "url": "https://ghcr.io/v2/homebrew/core/helmfile/blobs/sha256:fe5b08c57eb31b05c7ea64c5d94226d001ae79d96b135d73522a7a8a1cba6a35", + "sha256": "fe5b08c57eb31b05c7ea64c5d94226d001ae79d96b135d73522a7a8a1cba6a35" }, - "arm64_monterey": { + "arm64_ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/helmfile/blobs/sha256:89389108d2b762e710b2da38ae97249ca3d0c51364a9370ab95e6a823b5d4924", - "sha256": "89389108d2b762e710b2da38ae97249ca3d0c51364a9370ab95e6a823b5d4924" + "url": "https://ghcr.io/v2/homebrew/core/helmfile/blobs/sha256:246e229cb705ec26730fd79d5d4a188be65d8c7d0f0e6ff1d62a14964f6cb209", + "sha256": "246e229cb705ec26730fd79d5d4a188be65d8c7d0f0e6ff1d62a14964f6cb209" }, "sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/helmfile/blobs/sha256:422841989864e53cf9099872e01e278bc5667c34b0c6e6d88b235110e82968ba", - "sha256": "422841989864e53cf9099872e01e278bc5667c34b0c6e6d88b235110e82968ba" + "url": "https://ghcr.io/v2/homebrew/core/helmfile/blobs/sha256:543324f6bea6127c49ad7765bde5b1ff21add9094f4ba3af2bfc6e26b68ccf4f", + "sha256": "543324f6bea6127c49ad7765bde5b1ff21add9094f4ba3af2bfc6e26b68ccf4f" }, "ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/helmfile/blobs/sha256:e88b749eff126ef2b3d012d8811bb8d84290620358a00c9b7dde0160df335878", - "sha256": "e88b749eff126ef2b3d012d8811bb8d84290620358a00c9b7dde0160df335878" - }, - "monterey": { - "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/helmfile/blobs/sha256:d73fa242508fa4d71e9eadb82967daee40b1cebf65161c7284fdb557812959d8", - "sha256": "d73fa242508fa4d71e9eadb82967daee40b1cebf65161c7284fdb557812959d8" + "url": "https://ghcr.io/v2/homebrew/core/helmfile/blobs/sha256:e71106e4146b2f4165c175bf9756b1730c2b3ea8d65ce78694cfb0401a37d425", + "sha256": "e71106e4146b2f4165c175bf9756b1730c2b3ea8d65ce78694cfb0401a37d425" }, "x86_64_linux": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/helmfile/blobs/sha256:5a5f1e0365791648d6e898958e32de4dd878896c41184291fbd6bbe172491504", - "sha256": "5a5f1e0365791648d6e898958e32de4dd878896c41184291fbd6bbe172491504" + "url": "https://ghcr.io/v2/homebrew/core/helmfile/blobs/sha256:955fbffbce006e57aa8693a1351f1cc5ea8e24c7ac41ea670f4a9a452f4a4b5b", + "sha256": "955fbffbce006e57aa8693a1351f1cc5ea8e24c7ac41ea670f4a9a452f4a4b5b" } } } @@ -253,351 +231,341 @@ "jq": { "version": "1.7.1", "bottle": { - "rebuild": 0, + "rebuild": 1, "root_url": "https://ghcr.io/v2/homebrew/core", "files": { + "arm64_sequoia": { + "cellar": ":any", + "url": "https://ghcr.io/v2/homebrew/core/jq/blobs/sha256:a10c82b07e393869d4467ad3e8ba26346d026b1ad3533d31dbb5e72abe9a7968", + "sha256": "a10c82b07e393869d4467ad3e8ba26346d026b1ad3533d31dbb5e72abe9a7968" + }, "arm64_sonoma": { "cellar": ":any", - "url": "https://ghcr.io/v2/homebrew/core/jq/blobs/sha256:07bc9081c0fdb43aca089e5839f6a270fc45ca9aa7d7633e16fac0fdfe4c4ad8", - "sha256": "07bc9081c0fdb43aca089e5839f6a270fc45ca9aa7d7633e16fac0fdfe4c4ad8" + "url": "https://ghcr.io/v2/homebrew/core/jq/blobs/sha256:7d01bc414859db57e055c814daa10e9c586626381ea329862ad4300f9fee78ce", + "sha256": "7d01bc414859db57e055c814daa10e9c586626381ea329862ad4300f9fee78ce" }, "arm64_ventura": { "cellar": ":any", - "url": "https://ghcr.io/v2/homebrew/core/jq/blobs/sha256:1b27f5277eb2cdfac9f3970ee9adadddc5e04e45469de05a663bc16e793b4eea", - "sha256": "1b27f5277eb2cdfac9f3970ee9adadddc5e04e45469de05a663bc16e793b4eea" + "url": "https://ghcr.io/v2/homebrew/core/jq/blobs/sha256:b1a185e72ca020f08a8de22fabe1ad2425bf48d2e0378c5e07a6678020fa3e15", + "sha256": "b1a185e72ca020f08a8de22fabe1ad2425bf48d2e0378c5e07a6678020fa3e15" }, "arm64_monterey": { "cellar": ":any", - "url": "https://ghcr.io/v2/homebrew/core/jq/blobs/sha256:41911a73dc6a44c9788c198abc18307213d070d7ca6375e8dd6994335aaee136", - "sha256": "41911a73dc6a44c9788c198abc18307213d070d7ca6375e8dd6994335aaee136" + "url": "https://ghcr.io/v2/homebrew/core/jq/blobs/sha256:8f8c06332f413f5259b360ed65dc3ef21b5d3f2fff35160bc12367e53cbd06bf", + "sha256": "8f8c06332f413f5259b360ed65dc3ef21b5d3f2fff35160bc12367e53cbd06bf" }, "sonoma": { "cellar": ":any", - "url": "https://ghcr.io/v2/homebrew/core/jq/blobs/sha256:b68d33a5e3c79a0f457d96de1ad1f200c05314f5fea9244d712847c92032b5f7", - "sha256": "b68d33a5e3c79a0f457d96de1ad1f200c05314f5fea9244d712847c92032b5f7" + "url": "https://ghcr.io/v2/homebrew/core/jq/blobs/sha256:6bc01de99fd7f091b86880534842132a876f2d3043e3932ea75efc5f51c40aea", + "sha256": "6bc01de99fd7f091b86880534842132a876f2d3043e3932ea75efc5f51c40aea" }, "ventura": { "cellar": ":any", - "url": "https://ghcr.io/v2/homebrew/core/jq/blobs/sha256:10b845b1505892ff585b49e89fe3b09761d148b2c14ca6f5a1aa58002452f8f0", - "sha256": "10b845b1505892ff585b49e89fe3b09761d148b2c14ca6f5a1aa58002452f8f0" + "url": "https://ghcr.io/v2/homebrew/core/jq/blobs/sha256:03227348d3845fe16ed261ad020402c1f23c56e73f65799ce278af4bac63c799", + "sha256": "03227348d3845fe16ed261ad020402c1f23c56e73f65799ce278af4bac63c799" }, "monterey": { "cellar": ":any", - "url": "https://ghcr.io/v2/homebrew/core/jq/blobs/sha256:449c76665ac72b34daeb1a09dd19217e3be1e723c63ec3ac88e02b8c9a750f34", - "sha256": "449c76665ac72b34daeb1a09dd19217e3be1e723c63ec3ac88e02b8c9a750f34" + "url": "https://ghcr.io/v2/homebrew/core/jq/blobs/sha256:25aab2c539a41e4d67cd3d44353aac3cdd159ea815fec2b8dd82fbf038c559cc", + "sha256": "25aab2c539a41e4d67cd3d44353aac3cdd159ea815fec2b8dd82fbf038c559cc" }, "x86_64_linux": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/jq/blobs/sha256:ed490b627b327b3458a70a78c546be07d57bfc6958921f875b76e85f6be51f47", - "sha256": "ed490b627b327b3458a70a78c546be07d57bfc6958921f875b76e85f6be51f47" + "url": "https://ghcr.io/v2/homebrew/core/jq/blobs/sha256:9559d8278cf20ad0294f2059855e1bc9d2bcabfd2bd5b5774c66006d1f201ad8", + "sha256": "9559d8278cf20ad0294f2059855e1bc9d2bcabfd2bd5b5774c66006d1f201ad8" } } } }, "kubeconform": { - "version": "0.6.4", + "version": "0.6.7", "bottle": { - "rebuild": 0, + "rebuild": 1, "root_url": "https://ghcr.io/v2/homebrew/core", "files": { - "arm64_sonoma": { + "arm64_sequoia": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kubeconform/blobs/sha256:f655b26950605b0d0dd78aa1e36f59308c2f8247a6fd03ed07d410d6ff745114", - "sha256": "f655b26950605b0d0dd78aa1e36f59308c2f8247a6fd03ed07d410d6ff745114" + "url": "https://ghcr.io/v2/homebrew/core/kubeconform/blobs/sha256:0971d5199510dea4a17e5d81b5dcb9c1cd663b22a6043f3b2ac34ebaf5e0f057", + "sha256": "0971d5199510dea4a17e5d81b5dcb9c1cd663b22a6043f3b2ac34ebaf5e0f057" }, - "arm64_ventura": { + "arm64_sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kubeconform/blobs/sha256:f29d2ec9286b0b3da63491cdf5ad9a980e02b34c633922373d3d83c99a519156", - "sha256": "f29d2ec9286b0b3da63491cdf5ad9a980e02b34c633922373d3d83c99a519156" + "url": "https://ghcr.io/v2/homebrew/core/kubeconform/blobs/sha256:0971d5199510dea4a17e5d81b5dcb9c1cd663b22a6043f3b2ac34ebaf5e0f057", + "sha256": "0971d5199510dea4a17e5d81b5dcb9c1cd663b22a6043f3b2ac34ebaf5e0f057" }, - "arm64_monterey": { + "arm64_ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kubeconform/blobs/sha256:b3dc75a32613607bcfda5b26e7b2ff438f6c2dcfeaa0253260ee3d769acd9846", - "sha256": "b3dc75a32613607bcfda5b26e7b2ff438f6c2dcfeaa0253260ee3d769acd9846" + "url": "https://ghcr.io/v2/homebrew/core/kubeconform/blobs/sha256:0971d5199510dea4a17e5d81b5dcb9c1cd663b22a6043f3b2ac34ebaf5e0f057", + "sha256": "0971d5199510dea4a17e5d81b5dcb9c1cd663b22a6043f3b2ac34ebaf5e0f057" }, "sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kubeconform/blobs/sha256:5209ac5e46f89e744fb58bb6cb5ac41f9afc2aff85debc3e087a22474058294b", - "sha256": "5209ac5e46f89e744fb58bb6cb5ac41f9afc2aff85debc3e087a22474058294b" + "url": "https://ghcr.io/v2/homebrew/core/kubeconform/blobs/sha256:79a09d5e396be8bf3ac812ed61250b6a5e1354bf887099618669924aa5893355", + "sha256": "79a09d5e396be8bf3ac812ed61250b6a5e1354bf887099618669924aa5893355" }, "ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kubeconform/blobs/sha256:8fabb1f54900b8f01c505683d3d6d5fc9818301d7d0fc73849ba9b9d99e32490", - "sha256": "8fabb1f54900b8f01c505683d3d6d5fc9818301d7d0fc73849ba9b9d99e32490" - }, - "monterey": { - "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kubeconform/blobs/sha256:6a32ad8ac259fbfa8661ca05b74c6594bf6d5b95c853d76f9ccea4eab3c749f1", - "sha256": "6a32ad8ac259fbfa8661ca05b74c6594bf6d5b95c853d76f9ccea4eab3c749f1" + "url": "https://ghcr.io/v2/homebrew/core/kubeconform/blobs/sha256:79a09d5e396be8bf3ac812ed61250b6a5e1354bf887099618669924aa5893355", + "sha256": "79a09d5e396be8bf3ac812ed61250b6a5e1354bf887099618669924aa5893355" }, "x86_64_linux": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kubeconform/blobs/sha256:877cd8d28b144933a9ed71a46621654041bbdd86af88a282260e7825a8f58b2d", - "sha256": "877cd8d28b144933a9ed71a46621654041bbdd86af88a282260e7825a8f58b2d" + "url": "https://ghcr.io/v2/homebrew/core/kubeconform/blobs/sha256:e1e7733199b192aaeb2aa7bf21b41afacbf1eed5a26532164ef3a917f7b8feeb", + "sha256": "e1e7733199b192aaeb2aa7bf21b41afacbf1eed5a26532164ef3a917f7b8feeb" } } } }, "kubernetes-cli": { - "version": "1.29.2", + "version": "1.31.1", "bottle": { "rebuild": 0, "root_url": "https://ghcr.io/v2/homebrew/core", "files": { + "arm64_sequoia": { + "cellar": ":any_skip_relocation", + "url": "https://ghcr.io/v2/homebrew/core/kubernetes-cli/blobs/sha256:7b2dacab8e24e56d32b556ac18fc628504a9803850f2ff4b309a8eb52f71e34b", + "sha256": "7b2dacab8e24e56d32b556ac18fc628504a9803850f2ff4b309a8eb52f71e34b" + }, "arm64_sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kubernetes-cli/blobs/sha256:149bb26966ae33f2476068e8a793fcd29443737ddd00f3d35eeca4fb0da58678", - "sha256": "149bb26966ae33f2476068e8a793fcd29443737ddd00f3d35eeca4fb0da58678" + "url": "https://ghcr.io/v2/homebrew/core/kubernetes-cli/blobs/sha256:fd4adf11b477a2d833cff8baf14822329aafe9ade60ecd09456a825a964953ab", + "sha256": "fd4adf11b477a2d833cff8baf14822329aafe9ade60ecd09456a825a964953ab" }, "arm64_ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kubernetes-cli/blobs/sha256:fde01001bb1ab9edb9e3b5221a7a694bd012befd13751d2ec509cfd010499741", - "sha256": "fde01001bb1ab9edb9e3b5221a7a694bd012befd13751d2ec509cfd010499741" + "url": "https://ghcr.io/v2/homebrew/core/kubernetes-cli/blobs/sha256:4cbe24e30bd991c27aee2a28423826fadab5ebc15717f51fa25ccfdb0aa9e795", + "sha256": "4cbe24e30bd991c27aee2a28423826fadab5ebc15717f51fa25ccfdb0aa9e795" }, "arm64_monterey": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kubernetes-cli/blobs/sha256:0668dd2817c46e6396ea7be4eefd56f582846d9d88a8da462ce2ea72b5c03b60", - "sha256": "0668dd2817c46e6396ea7be4eefd56f582846d9d88a8da462ce2ea72b5c03b60" + "url": "https://ghcr.io/v2/homebrew/core/kubernetes-cli/blobs/sha256:40d55ffb51ff6c139c53d97b7c57c6fa53598f72867e8ef5e25462ec6b502999", + "sha256": "40d55ffb51ff6c139c53d97b7c57c6fa53598f72867e8ef5e25462ec6b502999" }, "sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kubernetes-cli/blobs/sha256:528d24a53f1bf5e3f48fe5b281dc8903c63b2420e8581fda207d33bddc9c79c6", - "sha256": "528d24a53f1bf5e3f48fe5b281dc8903c63b2420e8581fda207d33bddc9c79c6" + "url": "https://ghcr.io/v2/homebrew/core/kubernetes-cli/blobs/sha256:48186c2050ab56624463e272ab9e343fae8580ea5452739c229bd5eb9f37f65c", + "sha256": "48186c2050ab56624463e272ab9e343fae8580ea5452739c229bd5eb9f37f65c" }, "ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kubernetes-cli/blobs/sha256:ddf16ce722d3a1e1f5d1405df06b66fd038a522e94c2e9bf643635d6e69a7643", - "sha256": "ddf16ce722d3a1e1f5d1405df06b66fd038a522e94c2e9bf643635d6e69a7643" + "url": "https://ghcr.io/v2/homebrew/core/kubernetes-cli/blobs/sha256:ac93829f01d291ae6138b71f5b92c195fee666c6472a5f7322bc1e341b7a4284", + "sha256": "ac93829f01d291ae6138b71f5b92c195fee666c6472a5f7322bc1e341b7a4284" }, "monterey": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kubernetes-cli/blobs/sha256:6fa962ab52eb01a0cc2aeb7145288f1659819a8063ef9fdecd178b1eb93dbca5", - "sha256": "6fa962ab52eb01a0cc2aeb7145288f1659819a8063ef9fdecd178b1eb93dbca5" + "url": "https://ghcr.io/v2/homebrew/core/kubernetes-cli/blobs/sha256:08b6aef481e96c36fec30cf8fee213ca0a273210c670daeca5b6a408fc9a7bc3", + "sha256": "08b6aef481e96c36fec30cf8fee213ca0a273210c670daeca5b6a408fc9a7bc3" }, "x86_64_linux": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kubernetes-cli/blobs/sha256:1faa3014c67210d3aec818c4b31d368cf8a8ac95cd68e3fbc8ee1975ee50c8e1", - "sha256": "1faa3014c67210d3aec818c4b31d368cf8a8ac95cd68e3fbc8ee1975ee50c8e1" + "url": "https://ghcr.io/v2/homebrew/core/kubernetes-cli/blobs/sha256:8ce9759ac9adcf152d5c77aa64e3d8cd1efebebf6e7e271d44055e105e0f18e4", + "sha256": "8ce9759ac9adcf152d5c77aa64e3d8cd1efebebf6e7e271d44055e105e0f18e4" } } } }, "kustomize": { - "version": "5.3.0", + "version": "5.5.0", "bottle": { "rebuild": 0, "root_url": "https://ghcr.io/v2/homebrew/core", "files": { - "arm64_sonoma": { + "arm64_sequoia": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kustomize/blobs/sha256:da74dc9b70c7d61e1c163778c48e09c93a6e3cc5c192d77529154efcb6cdee79", - "sha256": "da74dc9b70c7d61e1c163778c48e09c93a6e3cc5c192d77529154efcb6cdee79" + "url": "https://ghcr.io/v2/homebrew/core/kustomize/blobs/sha256:0a34e6a184939183913d0eb56312afde72e28c22dedf305d9c667efd8a36fceb", + "sha256": "0a34e6a184939183913d0eb56312afde72e28c22dedf305d9c667efd8a36fceb" }, - "arm64_ventura": { + "arm64_sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kustomize/blobs/sha256:b874ac704f04ee6377b2cc19e96bcc09cbbd014542c3c942ca5d0e1b2bda8c5b", - "sha256": "b874ac704f04ee6377b2cc19e96bcc09cbbd014542c3c942ca5d0e1b2bda8c5b" + "url": "https://ghcr.io/v2/homebrew/core/kustomize/blobs/sha256:377f5b7a4eea752d7553084436d07a5ca12898ca26590a9fdc28a6ed67c27e0e", + "sha256": "377f5b7a4eea752d7553084436d07a5ca12898ca26590a9fdc28a6ed67c27e0e" }, - "arm64_monterey": { + "arm64_ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kustomize/blobs/sha256:60784086923f8fa0e3e331cb294c287c63af7ed511daad8bc5ecf5d6a0921806", - "sha256": "60784086923f8fa0e3e331cb294c287c63af7ed511daad8bc5ecf5d6a0921806" + "url": "https://ghcr.io/v2/homebrew/core/kustomize/blobs/sha256:16acc2a8548c736dc7634b98588c342f8b53a9798174d51e809a4e66bcfbf0b9", + "sha256": "16acc2a8548c736dc7634b98588c342f8b53a9798174d51e809a4e66bcfbf0b9" }, "sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kustomize/blobs/sha256:13f1a97c4feea164286cfa272a79d7dc1c379f62cfb5ec4e7de84b536fc6ac2a", - "sha256": "13f1a97c4feea164286cfa272a79d7dc1c379f62cfb5ec4e7de84b536fc6ac2a" + "url": "https://ghcr.io/v2/homebrew/core/kustomize/blobs/sha256:93211d48a7837e98bc39e013f7274076799e20b1bf7c1d7480ce10c7c27e0f61", + "sha256": "93211d48a7837e98bc39e013f7274076799e20b1bf7c1d7480ce10c7c27e0f61" }, "ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kustomize/blobs/sha256:20782b23f31b14ad44e2bdd45729f1b51e650bed4329c7486a6a40543027b8ed", - "sha256": "20782b23f31b14ad44e2bdd45729f1b51e650bed4329c7486a6a40543027b8ed" - }, - "monterey": { - "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kustomize/blobs/sha256:efb4a28bc7353d7f37d8eb89283b08c4fed0581ec9e6e646bdda214088a1d301", - "sha256": "efb4a28bc7353d7f37d8eb89283b08c4fed0581ec9e6e646bdda214088a1d301" + "url": "https://ghcr.io/v2/homebrew/core/kustomize/blobs/sha256:6e05b4d3965821a9824a3693c29ee2906720777e867b6336c8144e208bdb217c", + "sha256": "6e05b4d3965821a9824a3693c29ee2906720777e867b6336c8144e208bdb217c" }, "x86_64_linux": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/kustomize/blobs/sha256:073cf7df2aadaaa60767e1dd0672a1bd7dafff56c810a3f59c998e82ba070b9f", - "sha256": "073cf7df2aadaaa60767e1dd0672a1bd7dafff56c810a3f59c998e82ba070b9f" + "url": "https://ghcr.io/v2/homebrew/core/kustomize/blobs/sha256:0dc01f68d22e7d2834a0af743eabc3c2f01876816d7dd5a0137977cbb175200f", + "sha256": "0dc01f68d22e7d2834a0af743eabc3c2f01876816d7dd5a0137977cbb175200f" } } } }, "moreutils": { - "version": "0.68", + "version": "0.69", "bottle": { "rebuild": 0, "root_url": "https://ghcr.io/v2/homebrew/core", "files": { + "arm64_sequoia": { + "cellar": ":any_skip_relocation", + "url": "https://ghcr.io/v2/homebrew/core/moreutils/blobs/sha256:893d69604e34e0307ae8f329d6661dfd949ef46ed8daba2c702b80f83a071c9b", + "sha256": "893d69604e34e0307ae8f329d6661dfd949ef46ed8daba2c702b80f83a071c9b" + }, "arm64_sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/moreutils/blobs/sha256:7906d5c61df0f103ce58bc56c3ea187e4fedb7c3dd8e2cadea39f474dbf4972b", - "sha256": "7906d5c61df0f103ce58bc56c3ea187e4fedb7c3dd8e2cadea39f474dbf4972b" + "url": "https://ghcr.io/v2/homebrew/core/moreutils/blobs/sha256:8d670db1141e2452a4384a659743e919965b1f4bb15df8bf249a4e2de219a1fd", + "sha256": "8d670db1141e2452a4384a659743e919965b1f4bb15df8bf249a4e2de219a1fd" }, "arm64_ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/moreutils/blobs/sha256:68552a226793171ccdf363e124310009b4326f73261883f9960b7baa1e76a288", - "sha256": "68552a226793171ccdf363e124310009b4326f73261883f9960b7baa1e76a288" + "url": "https://ghcr.io/v2/homebrew/core/moreutils/blobs/sha256:37630eb130415e996c7cf3c4333d788d3a6cb7eead141b06dc2b8ab48812c674", + "sha256": "37630eb130415e996c7cf3c4333d788d3a6cb7eead141b06dc2b8ab48812c674" }, "arm64_monterey": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/moreutils/blobs/sha256:e06a52a51ba1becf71fcf028fae19cba7c16b1fb7996f9f8b95aa4c6d77b66ea", - "sha256": "e06a52a51ba1becf71fcf028fae19cba7c16b1fb7996f9f8b95aa4c6d77b66ea" + "url": "https://ghcr.io/v2/homebrew/core/moreutils/blobs/sha256:572eac728e9dfb5791dc1d7e5ec4c54d7afad32320ab71dff2c32038e41487ed", + "sha256": "572eac728e9dfb5791dc1d7e5ec4c54d7afad32320ab71dff2c32038e41487ed" }, "sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/moreutils/blobs/sha256:ce98324a0faa7ece95d8375d34e9c3ad0feaedc50f3a1e28eafcb3de5d64aab1", - "sha256": "ce98324a0faa7ece95d8375d34e9c3ad0feaedc50f3a1e28eafcb3de5d64aab1" + "url": "https://ghcr.io/v2/homebrew/core/moreutils/blobs/sha256:081eb804ba4b73fe2025b5da85b0d84692a5e1f185e13f57ffa672a013069dbc", + "sha256": "081eb804ba4b73fe2025b5da85b0d84692a5e1f185e13f57ffa672a013069dbc" }, "ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/moreutils/blobs/sha256:ac599b305b01691344ecc270d481d2db2755d372708defe3883a3fe98865efb1", - "sha256": "ac599b305b01691344ecc270d481d2db2755d372708defe3883a3fe98865efb1" + "url": "https://ghcr.io/v2/homebrew/core/moreutils/blobs/sha256:bd9bd5a1c203fe83a9bbf171b8db8fa2326f2c31e6ca0ec862346981db7420fa", + "sha256": "bd9bd5a1c203fe83a9bbf171b8db8fa2326f2c31e6ca0ec862346981db7420fa" }, "monterey": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/moreutils/blobs/sha256:82bad00c3dc665b51aa413ed881c017eef667ed11886b912174a157f2b1c8a65", - "sha256": "82bad00c3dc665b51aa413ed881c017eef667ed11886b912174a157f2b1c8a65" + "url": "https://ghcr.io/v2/homebrew/core/moreutils/blobs/sha256:154af5f7e744eeda14286f122af89b6444cf00300fabbd4a3ee4f4c80523b07c", + "sha256": "154af5f7e744eeda14286f122af89b6444cf00300fabbd4a3ee4f4c80523b07c" }, "x86_64_linux": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/moreutils/blobs/sha256:be6a9cf5f24e92ed5cd78ce4bce60192733c8e10965ecc53747a66539b7e2f21", - "sha256": "be6a9cf5f24e92ed5cd78ce4bce60192733c8e10965ecc53747a66539b7e2f21" + "url": "https://ghcr.io/v2/homebrew/core/moreutils/blobs/sha256:e309aded89d7c99d8310fab2123e256f2d37de5e2b574a859cda5c06082f867e", + "sha256": "e309aded89d7c99d8310fab2123e256f2d37de5e2b574a859cda5c06082f867e" } } } }, "sops": { - "version": "3.8.1", + "version": "3.9.1", "bottle": { "rebuild": 0, "root_url": "https://ghcr.io/v2/homebrew/core", "files": { - "arm64_sonoma": { + "arm64_sequoia": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/sops/blobs/sha256:0aa447922f3c179827253fd8d0fe2e087d24a227834b68da3c6ccacda89741d4", - "sha256": "0aa447922f3c179827253fd8d0fe2e087d24a227834b68da3c6ccacda89741d4" + "url": "https://ghcr.io/v2/homebrew/core/sops/blobs/sha256:e22f5ce17fed2e4704f79bdffc815f283426fb623b9420e0be89658a26040e9d", + "sha256": "e22f5ce17fed2e4704f79bdffc815f283426fb623b9420e0be89658a26040e9d" }, - "arm64_ventura": { + "arm64_sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/sops/blobs/sha256:8625e5a465ed0f5c086108990af51526a01aee3e91de0b6256719fe7bf33f7f2", - "sha256": "8625e5a465ed0f5c086108990af51526a01aee3e91de0b6256719fe7bf33f7f2" + "url": "https://ghcr.io/v2/homebrew/core/sops/blobs/sha256:e22f5ce17fed2e4704f79bdffc815f283426fb623b9420e0be89658a26040e9d", + "sha256": "e22f5ce17fed2e4704f79bdffc815f283426fb623b9420e0be89658a26040e9d" }, - "arm64_monterey": { + "arm64_ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/sops/blobs/sha256:e057fcdf75857cfff891e09640263813730f80987d6d3c681f0473d328b3265b", - "sha256": "e057fcdf75857cfff891e09640263813730f80987d6d3c681f0473d328b3265b" + "url": "https://ghcr.io/v2/homebrew/core/sops/blobs/sha256:e22f5ce17fed2e4704f79bdffc815f283426fb623b9420e0be89658a26040e9d", + "sha256": "e22f5ce17fed2e4704f79bdffc815f283426fb623b9420e0be89658a26040e9d" }, "sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/sops/blobs/sha256:96e2377dd04ea9e2f6dc0942de2de7ba615846db960954380f34357f2516efc4", - "sha256": "96e2377dd04ea9e2f6dc0942de2de7ba615846db960954380f34357f2516efc4" + "url": "https://ghcr.io/v2/homebrew/core/sops/blobs/sha256:1f16877a71f0526a575d3777303bc4ad3d2e911a0c5b57e7cbcfd879e0f46b30", + "sha256": "1f16877a71f0526a575d3777303bc4ad3d2e911a0c5b57e7cbcfd879e0f46b30" }, "ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/sops/blobs/sha256:1aa9ac1ac98054155066da4898ded3e8c0c792714b026c57414368a27d85f06a", - "sha256": "1aa9ac1ac98054155066da4898ded3e8c0c792714b026c57414368a27d85f06a" - }, - "monterey": { - "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/sops/blobs/sha256:14178f64db4aa62340dd57d208f02d06336ea8465393171154560d64188ed5c9", - "sha256": "14178f64db4aa62340dd57d208f02d06336ea8465393171154560d64188ed5c9" + "url": "https://ghcr.io/v2/homebrew/core/sops/blobs/sha256:1f16877a71f0526a575d3777303bc4ad3d2e911a0c5b57e7cbcfd879e0f46b30", + "sha256": "1f16877a71f0526a575d3777303bc4ad3d2e911a0c5b57e7cbcfd879e0f46b30" }, "x86_64_linux": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/sops/blobs/sha256:a54849414c752566bfde2f0d26cc832c6312831ba7bdb94c35c40eb09e0eaf66", - "sha256": "a54849414c752566bfde2f0d26cc832c6312831ba7bdb94c35c40eb09e0eaf66" + "url": "https://ghcr.io/v2/homebrew/core/sops/blobs/sha256:a964b4b1c32e6343dedfb934d0bd29b42591a9c6408123a7f4ced3b094059be5", + "sha256": "a964b4b1c32e6343dedfb934d0bd29b42591a9c6408123a7f4ced3b094059be5" } } } }, "stern": { - "version": "1.28.0", + "version": "1.31.0", "bottle": { "rebuild": 0, "root_url": "https://ghcr.io/v2/homebrew/core", "files": { - "arm64_sonoma": { + "arm64_sequoia": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/stern/blobs/sha256:5a5619f1653a6181ccbdcc4ee5c32db8a17c972ff67747cf7f2a48b1475af8c4", - "sha256": "5a5619f1653a6181ccbdcc4ee5c32db8a17c972ff67747cf7f2a48b1475af8c4" + "url": "https://ghcr.io/v2/homebrew/core/stern/blobs/sha256:c17f9a51c97ffa7c2ba98289d6856c4911cd0abe11104e9502f7a96f61ce543d", + "sha256": "c17f9a51c97ffa7c2ba98289d6856c4911cd0abe11104e9502f7a96f61ce543d" }, - "arm64_ventura": { + "arm64_sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/stern/blobs/sha256:61355e42bdb24d895f26690a6db217c91fa1daad1b24ae0ceb0c726cec65307f", - "sha256": "61355e42bdb24d895f26690a6db217c91fa1daad1b24ae0ceb0c726cec65307f" + "url": "https://ghcr.io/v2/homebrew/core/stern/blobs/sha256:757d8920d399087d800b62fee38ea790a1f99591dbdefdb0cba06d88359726da", + "sha256": "757d8920d399087d800b62fee38ea790a1f99591dbdefdb0cba06d88359726da" }, - "arm64_monterey": { + "arm64_ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/stern/blobs/sha256:a7137a8ea403539f43a2fa17104af29292030ee927a73a2790b92077aab3e8f0", - "sha256": "a7137a8ea403539f43a2fa17104af29292030ee927a73a2790b92077aab3e8f0" + "url": "https://ghcr.io/v2/homebrew/core/stern/blobs/sha256:bab9dc71ed8010347cc2d3fc89d51bee010ac886f82c295d49c50a464e710da6", + "sha256": "bab9dc71ed8010347cc2d3fc89d51bee010ac886f82c295d49c50a464e710da6" }, "sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/stern/blobs/sha256:e3bc931627d8c8523b00793a3d4ccd87175ee2ce5ab0a930e7fc1a072f2952ed", - "sha256": "e3bc931627d8c8523b00793a3d4ccd87175ee2ce5ab0a930e7fc1a072f2952ed" + "url": "https://ghcr.io/v2/homebrew/core/stern/blobs/sha256:1f2d547b0aab8014bea1e07842f08801ca0aa9745d186f77f47fdcb8ed768204", + "sha256": "1f2d547b0aab8014bea1e07842f08801ca0aa9745d186f77f47fdcb8ed768204" }, "ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/stern/blobs/sha256:da271ef0adb308161ffff285aaf1b48392a2c074bef6f60b3c1af0acd1a8155d", - "sha256": "da271ef0adb308161ffff285aaf1b48392a2c074bef6f60b3c1af0acd1a8155d" - }, - "monterey": { - "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/stern/blobs/sha256:008aa981a8559b0b4bac5cf1bb11cfc373af5d175915e2a4da7ec9f7b5447323", - "sha256": "008aa981a8559b0b4bac5cf1bb11cfc373af5d175915e2a4da7ec9f7b5447323" + "url": "https://ghcr.io/v2/homebrew/core/stern/blobs/sha256:169e007b7afe649f113ebf0d4d675247f2fb9195e4df7e139a61fd2d88974a7c", + "sha256": "169e007b7afe649f113ebf0d4d675247f2fb9195e4df7e139a61fd2d88974a7c" }, "x86_64_linux": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/stern/blobs/sha256:9131cc6366cf57f0cd22a296e1182590ec516cecb4d8430617f2be52d7d36154", - "sha256": "9131cc6366cf57f0cd22a296e1182590ec516cecb4d8430617f2be52d7d36154" + "url": "https://ghcr.io/v2/homebrew/core/stern/blobs/sha256:8bbdbea5e0a5115eb23ac4488c46df15ec7ea0b78f6287ee25bc9596ec4536e1", + "sha256": "8bbdbea5e0a5115eb23ac4488c46df15ec7ea0b78f6287ee25bc9596ec4536e1" } } } }, "talhelper": { - "version": "2.2.0", + "version": "3.0.7", "bottle": { "rebuild": 0, "root_url": "https://ghcr.io/v2/homebrew/core", "files": { - "arm64_sonoma": { + "arm64_sequoia": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/talhelper/blobs/sha256:68cf21a3de208f43f0252e2f6b33f94d3cb682bd231c0713925219a74c110617", - "sha256": "68cf21a3de208f43f0252e2f6b33f94d3cb682bd231c0713925219a74c110617" + "url": "https://ghcr.io/v2/homebrew/core/talhelper/blobs/sha256:3421690810179e420cf81d35991a09f892ea8a284fb1bb2fd98323287f5741be", + "sha256": "3421690810179e420cf81d35991a09f892ea8a284fb1bb2fd98323287f5741be" }, - "arm64_ventura": { + "arm64_sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/talhelper/blobs/sha256:da6c052449758f2de6aac44ac953e26846fb8b07dcc4370d6f6d18ad19dc5d63", - "sha256": "da6c052449758f2de6aac44ac953e26846fb8b07dcc4370d6f6d18ad19dc5d63" + "url": "https://ghcr.io/v2/homebrew/core/talhelper/blobs/sha256:3421690810179e420cf81d35991a09f892ea8a284fb1bb2fd98323287f5741be", + "sha256": "3421690810179e420cf81d35991a09f892ea8a284fb1bb2fd98323287f5741be" }, - "arm64_monterey": { + "arm64_ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/talhelper/blobs/sha256:b067789c2746e65e4860d5f96c26ed36cf68080c34c40c3868c9ade0d39cc167", - "sha256": "b067789c2746e65e4860d5f96c26ed36cf68080c34c40c3868c9ade0d39cc167" + "url": "https://ghcr.io/v2/homebrew/core/talhelper/blobs/sha256:3421690810179e420cf81d35991a09f892ea8a284fb1bb2fd98323287f5741be", + "sha256": "3421690810179e420cf81d35991a09f892ea8a284fb1bb2fd98323287f5741be" }, "sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/talhelper/blobs/sha256:264741a8629dccb90fb8b465b5c304e37211d3af43379b069ff4837753503fd9", - "sha256": "264741a8629dccb90fb8b465b5c304e37211d3af43379b069ff4837753503fd9" + "url": "https://ghcr.io/v2/homebrew/core/talhelper/blobs/sha256:52f9afed4f7610a0ed0bf3db3330296767a78f5a39dae325bc5f93630820e910", + "sha256": "52f9afed4f7610a0ed0bf3db3330296767a78f5a39dae325bc5f93630820e910" }, "ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/talhelper/blobs/sha256:7ef9b034926aac2160db5e4da12ffac04c7ce3a1e4a4022c7f34269188aad2f9", - "sha256": "7ef9b034926aac2160db5e4da12ffac04c7ce3a1e4a4022c7f34269188aad2f9" - }, - "monterey": { - "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/talhelper/blobs/sha256:bfdf66f15e500419d4598142804e5afb51757bbbbc00daf61724ea34621e8120", - "sha256": "bfdf66f15e500419d4598142804e5afb51757bbbbc00daf61724ea34621e8120" + "url": "https://ghcr.io/v2/homebrew/core/talhelper/blobs/sha256:52f9afed4f7610a0ed0bf3db3330296767a78f5a39dae325bc5f93630820e910", + "sha256": "52f9afed4f7610a0ed0bf3db3330296767a78f5a39dae325bc5f93630820e910" }, "x86_64_linux": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/talhelper/blobs/sha256:b5346c76d986e6abce5fdcb4a04884436d78068b2c1e503a02300de91d1a996d", - "sha256": "b5346c76d986e6abce5fdcb4a04884436d78068b2c1e503a02300de91d1a996d" + "url": "https://ghcr.io/v2/homebrew/core/talhelper/blobs/sha256:3acf7f43ae37f6b5217ca064c68773b380e849c919e36129e214c159c23b9aa2", + "sha256": "3acf7f43ae37f6b5217ca064c68773b380e849c919e36129e214c159c23b9aa2" } } } @@ -607,48 +575,57 @@ "bottle": false }, "yq": { - "version": "4.41.1", + "version": "4.44.3", "bottle": { "rebuild": 0, "root_url": "https://ghcr.io/v2/homebrew/core", "files": { + "arm64_sequoia": { + "cellar": ":any_skip_relocation", + "url": "https://ghcr.io/v2/homebrew/core/yq/blobs/sha256:b375ddd394b7dd72206c25018e344a7fcea0888231ae47f67c7d48016f5fa8d6", + "sha256": "b375ddd394b7dd72206c25018e344a7fcea0888231ae47f67c7d48016f5fa8d6" + }, "arm64_sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/yq/blobs/sha256:c5404881e9aba4d22663971dd620f7e8bbd2bbed07d6623ddcb06b8108eb8271", - "sha256": "c5404881e9aba4d22663971dd620f7e8bbd2bbed07d6623ddcb06b8108eb8271" + "url": "https://ghcr.io/v2/homebrew/core/yq/blobs/sha256:135b4104db54ff0f2384b484ec59d7dfa4b8d877d36b19d2c327d5dcf39ca55d", + "sha256": "135b4104db54ff0f2384b484ec59d7dfa4b8d877d36b19d2c327d5dcf39ca55d" }, "arm64_ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/yq/blobs/sha256:ab37a388dac49f8aa1dee95154cf840cd4c23cd8756cf394dc629e647d908c8d", - "sha256": "ab37a388dac49f8aa1dee95154cf840cd4c23cd8756cf394dc629e647d908c8d" + "url": "https://ghcr.io/v2/homebrew/core/yq/blobs/sha256:7aaecc1b4c8db30398536f043f751e7410fd49d6e1f1ec3ee70562d676b9ffc5", + "sha256": "7aaecc1b4c8db30398536f043f751e7410fd49d6e1f1ec3ee70562d676b9ffc5" }, "arm64_monterey": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/yq/blobs/sha256:8580ba4cd20a0d5610dd253d91689d1fdacb5eb792ec2115713921524b8eb4ad", - "sha256": "8580ba4cd20a0d5610dd253d91689d1fdacb5eb792ec2115713921524b8eb4ad" + "url": "https://ghcr.io/v2/homebrew/core/yq/blobs/sha256:6f8f65e9c37da0f669deb55304aa505bdad4c34527363cf216a17aa3026ea944", + "sha256": "6f8f65e9c37da0f669deb55304aa505bdad4c34527363cf216a17aa3026ea944" }, "sonoma": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/yq/blobs/sha256:db2d0b23fcae3685db08dc78b67c592166ec4311f6058aad40fd984face94e60", - "sha256": "db2d0b23fcae3685db08dc78b67c592166ec4311f6058aad40fd984face94e60" + "url": "https://ghcr.io/v2/homebrew/core/yq/blobs/sha256:e9faf2512a92295132198ec88a989ea297e8dc47283b898b3b90242301309bab", + "sha256": "e9faf2512a92295132198ec88a989ea297e8dc47283b898b3b90242301309bab" }, "ventura": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/yq/blobs/sha256:823638d8a82d905fcd00c7e88b12cfe6ada9e9e4a9ea627cfb37d55965648354", - "sha256": "823638d8a82d905fcd00c7e88b12cfe6ada9e9e4a9ea627cfb37d55965648354" + "url": "https://ghcr.io/v2/homebrew/core/yq/blobs/sha256:c43be1488640e61f0ae87902f766b3065338379838d5f924c43d24b4626f3ecc", + "sha256": "c43be1488640e61f0ae87902f766b3065338379838d5f924c43d24b4626f3ecc" }, "monterey": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/yq/blobs/sha256:87ff086af7864d8419c519642079d6923cbc7931250faa39dd0df44a58ffcaf9", - "sha256": "87ff086af7864d8419c519642079d6923cbc7931250faa39dd0df44a58ffcaf9" + "url": "https://ghcr.io/v2/homebrew/core/yq/blobs/sha256:da068bc3603054ee422e89201dafc6990949d60f7b683e37d6b52c1b161b8251", + "sha256": "da068bc3603054ee422e89201dafc6990949d60f7b683e37d6b52c1b161b8251" }, "x86_64_linux": { "cellar": ":any_skip_relocation", - "url": "https://ghcr.io/v2/homebrew/core/yq/blobs/sha256:2c42c4894c4508bd6af2551dd07e5fe5646fe0ecb25d0a96931a263b5a46fdc1", - "sha256": "2c42c4894c4508bd6af2551dd07e5fe5646fe0ecb25d0a96931a263b5a46fdc1" + "url": "https://ghcr.io/v2/homebrew/core/yq/blobs/sha256:b2fc2e913fb1b863b3b2594318329a46676fb29c64dd5dae92711493ac3716ae", + "sha256": "b2fc2e913fb1b863b3b2594318329a46676fb29c64dd5dae92711493ac3716ae" } } } + }, + "siderolabs/tap/talosctl": { + "version": "1.8.1", + "bottle": false } } }, @@ -659,6 +636,12 @@ "HOMEBREW_PREFIX": "/home/linuxbrew/.linuxbrew", "Homebrew/homebrew-core": "api", "GCC": "13.2.1" + }, + "Fedora release 40 (Forty)": { + "HOMEBREW_VERSION": "4.4.1", + "HOMEBREW_PREFIX": "/home/linuxbrew/.linuxbrew", + "Homebrew/homebrew-core": "api", + "GCC": "14.2.1" } } } diff --git a/.taskfiles/workstation/Taskfile.yaml b/.taskfiles/workstation/Taskfile.yaml index a31b665927..030339a01d 100644 --- a/.taskfiles/workstation/Taskfile.yaml +++ b/.taskfiles/workstation/Taskfile.yaml @@ -2,52 +2,46 @@ # yaml-language-server: $schema=https://taskfile.dev/schema.json version: "3" -vars: - ARCHFILE: "{{.ROOT_DIR}}/.taskfiles/workstation/Archfile" - BREWFILE: "{{.ROOT_DIR}}/.taskfiles/workstation/Brewfile" - GENERIC_BIN_DIR: "{{.ROOT_DIR}}/.bin" - tasks: - direnv: - desc: Run direnv hooks - cmd: direnv allow . - status: - - "[[ $(direnv status --json | jq '.state.foundRC.allowed') == 0 ]]" - - "[[ $(direnv status --json | jq '.state.loadedRC.allowed') == 0 ]]" + arch: + desc: Set up Arch Linux tools + cmd: "{{.PKGMGR}} -Syu --needed --noconfirm --noprogressbar $(cat {{.ROOT_DIR}}/.taskfiles/workstation/Archfile | xargs)" + vars: + PKGMGR: + sh: command -v yay || command -v paru + preconditions: + - msg: Missing yay or paru + sh: command -v brew &>/dev/null || command -v paru &>/dev/null + - msg: Missing Archfile + sh: test -f {{.ROOT_DIR}}/.taskfiles/workstation/Archfile - venv: - desc: Set up virtual environment + brew: + desc: Set up Homebrew tools cmds: - - "{{.PYTHON_BIN}} -m venv {{.VIRTUAL_ENV}}" - - "{{.VIRTUAL_ENV}}/bin/python3 -m pip install --upgrade pip setuptools wheel" - - '{{.VIRTUAL_ENV}}/bin/python3 -m pip install --upgrade --requirement "{{.PIP_REQUIREMENTS_FILE}}"' + - brew bundle --file {{.ROOT_DIR}}/.taskfiles/workstation/Brewfile sources: - - "{{.PIP_REQUIREMENTS_FILE}}" + - "{{.ROOT_DIR}}/.taskfiles/workstation/Brewfile" generates: - - "{{.VIRTUAL_ENV}}/pyvenv.cfg" - preconditions: - - msg: "Missing Pip requirements file" - sh: "test -f {{.PIP_REQUIREMENTS_FILE}}" - - brew: - desc: Install workstation dependencies with Brew - cmd: brew bundle --file {{.BREWFILE}} + - "{{.ROOT_DIR}}/.taskfiles/workstation/Brewfile.lock.json" preconditions: - - {msg: "Missing Homebrew", sh: "command -v brew"} - - {msg: "Missing Brewfile", sh: "test -f {{.BREWFILE}}"} + - msg: Missing brew + sh: command -v brew &>/dev/null + - msg: Missing Brewfile + sh: test -f {{.ROOT_DIR}}/.taskfiles/workstation/Brewfile - arch: - desc: Install Arch workstation dependencies with Paru Or Yay - cmd: "{{.helper}} -Syu --needed --noconfirm --noprogressbar $(cat {{.ARCHFILE}} | xargs)" - vars: - helper: - sh: "command -v yay || command -v paru" + direnv: + desc: Run direnv hooks + cmd: direnv allow . + status: + - '[[ $(direnv status --json | jq ".state.foundRC.allowed") == 0 ]]' + - '[[ $(direnv status --json | jq ".state.loadedRC.allowed") == 0 ]]' preconditions: - - {msg: "Missing Archfile", sh: "test -f {{.ARCHFILE}}"} + - msg: Missing direnv + sh: command -v direnv &>/dev/null generic-linux: - desc: Install CLI tools into the projects .bin directory using curl - dir: "{{.GENERIC_BIN_DIR}}" + desc: Setup CLI tools into the projects .bin directory + dir: "{{.ROOT_DIR}}/.bin" platforms: ["linux/amd64", "linux/arm64"] cmds: - for: @@ -69,3 +63,19 @@ tasks: platforms: ["linux/arm64"] - cmd: chmod +x kubectl - cmd: curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | USE_SUDO="false" HELM_INSTALL_DIR="." bash + + venv: + desc: Set up virtual environment + cmds: + - python3 -m venv {{.VIRTUAL_ENV}} + - "{{.VIRTUAL_ENV}}/bin/python3 -m pip install --upgrade pip setuptools wheel" + - '{{.VIRTUAL_ENV}}/bin/python3 -m pip install --upgrade --requirement "{{.ROOT_DIR}}/requirements.txt"' + sources: + - "{{.ROOT_DIR}}/requirements.txt" + generates: + - "{{.VIRTUAL_ENV}}/pyvenv.cfg" + preconditions: + - msg: Missing python3 + sh: command -v python3 &>/dev/null + - msg: Missing Pip requirements file + sh: test -f {{.ROOT_DIR}}/requirements.txt diff --git a/Taskfile.yml b/Taskfile.yml index bfe9c88c5d..b3f903b55e 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -31,57 +31,60 @@ env: VIRTUAL_ENV: "{{.ROOT_DIR}}/.venv" includes: - kubernetes: - aliases: ["k8s"] - taskfile: .taskfiles/kubernetes/Taskfile.yaml - flux: .taskfiles/flux/Taskfile.yaml - repository: - aliases: ["repo"] - taskfile: .taskfiles/repository/Taskfile.yaml - talos: .taskfiles/talos/Taskfile.yaml - sops: .taskfiles/sops/Taskfile.yaml - workstation: .taskfiles/workstation/Taskfile.yaml - terraform: .taskfiles/terraform/Taskfile.yaml + bootstrap: .taskfiles/bootstrap + kubernetes: .taskfiles/kubernetes + talos: .taskfiles/talos + flux: .taskfiles/flux + workstation: .taskfiles/workstation/ + terraform: .taskfiles/terraform + user: + taskfile: .taskfiles/user + optional: true tasks: - default: task -l + default: task --list init: desc: Initialize configuration files cmds: - - mkdir -p {{.PRIVATE_DIR}} - cp -n {{.BOOTSTRAP_CONFIG_FILE | replace ".yaml" ".sample.yaml"}} {{.BOOTSTRAP_CONFIG_FILE}} - - cmd: echo === Configuration file copied === - silent: true - - cmd: echo Proceed with updating the configuration files... - silent: true - - cmd: echo {{.BOOTSTRAP_CONFIG_FILE}} - silent: true + - echo "=== Configuration file copied ===" + - echo "Proceed with updating the configuration files..." + - echo "{{.BOOTSTRAP_CONFIG_FILE}}" status: - - test -f "{{.BOOTSTRAP_CONFIG_FILE}}" + - test -f {{.BOOTSTRAP_CONFIG_FILE}} + silent: true configure: desc: Configure repository from bootstrap vars - prompt: Any conflicting config in the root kubernetes and ansible directories will be overwritten... continue? - deps: ["workstation:direnv", "workstation:venv", "sops:age-keygen", "init"] + prompt: Any conflicting config in the kubernetes directory will be overwritten... continue? + deps: + ["workstation:direnv", "workstation:venv", "bootstrap:age-keygen", "init"] cmds: - - task: .template - - task: sops:encrypt - - task: .validate + - task: template + - task: bootstrap:encrypt + - task: validate - .template: + template: internal: true cmd: "{{.VIRTUAL_ENV}}/bin/makejinja" preconditions: - - {msg: "Missing virtual environment", sh: "test -d {{.VIRTUAL_ENV}}"} - - msg: "Missing Makejinja config file" - sh: "test -f {{.MAKEJINJA_CONFIG_FILE}}" - - msg: "Missing Makejinja plugin file" - sh: "test -f {{.BOOTSTRAP_DIR}}/scripts/plugin.py" - - msg: "Missing bootstrap config file" - sh: "test -f {{.BOOTSTRAP_CONFIG_FILE}}" + - msg: Missing virtual environment + sh: test -d {{.VIRTUAL_ENV}} + - msg: Missing Makejinja config file + sh: test -f {{.MAKEJINJA_CONFIG_FILE}} + - msg: Missing Makejinja plugin file + sh: test -f {{.BOOTSTRAP_DIR}}/scripts/plugin.py + - msg: Missing bootstrap config file + sh: test -f {{.BOOTSTRAP_CONFIG_FILE}} - .validate: + validate: internal: true cmds: - task: kubernetes:kubeconform + - echo "=== Done rendering and validating YAML ===" + - '{{if eq .HOME_SOPS_AGE_KEY_FILE_EXISTS "true"}}echo "WARNING: SOPS Age key found in home directory, this may cause conflicts."{{end}}' + vars: + HOME_SOPS_AGE_KEY_FILE_EXISTS: + sh: test -f ~/.config/sops/age/keys.txt && echo true || echo false + silent: true diff --git a/kubernetes/apps/kube-system/cilium/app/helm-release.yaml b/kubernetes/apps/kube-system/cilium/app/helm-release.yaml index 7fcb2756cd..d7882d8aed 100644 --- a/kubernetes/apps/kube-system/cilium/app/helm-release.yaml +++ b/kubernetes/apps/kube-system/cilium/app/helm-release.yaml @@ -45,7 +45,7 @@ spec: valuesFrom: - kind: ConfigMap - name: cilium-values + name: cilium-helm-values values: dashboards: diff --git a/kubernetes/apps/kube-system/cilium/app/values.yaml b/kubernetes/apps/kube-system/cilium/app/helm-values.yaml similarity index 95% rename from kubernetes/apps/kube-system/cilium/app/values.yaml rename to kubernetes/apps/kube-system/cilium/app/helm-values.yaml index 7ae83ce07b..4c3f3a8550 100644 --- a/kubernetes/apps/kube-system/cilium/app/values.yaml +++ b/kubernetes/apps/kube-system/cilium/app/helm-values.yaml @@ -14,7 +14,7 @@ bgp: loadbalancerIP: false bpf: - masquerade: true + masquerade: false tproxy: true autoMount: enabled: true @@ -43,10 +43,6 @@ enableIPv4Masquerade: true enableIPv6Masquerade: true -endpointStatus: - enabled: true - status: "policy" - endpointRoutes: enabled: false @@ -150,7 +146,7 @@ prometheus: rollOutCiliumPods: true -routingMode: "" +routingMode: native securityContext: capabilities: @@ -170,5 +166,3 @@ securityContext: - NET_ADMIN - SYS_ADMIN - SYS_RESOURCE - -tunnelProtocol: "" diff --git a/kubernetes/apps/kube-system/cilium/app/kustomization.yaml b/kubernetes/apps/kube-system/cilium/app/kustomization.yaml index d76204ebb6..3235bbed40 100644 --- a/kubernetes/apps/kube-system/cilium/app/kustomization.yaml +++ b/kubernetes/apps/kube-system/cilium/app/kustomization.yaml @@ -9,7 +9,7 @@ resources: configMapGenerator: - name: cilium-values files: - - values.yaml=./values.yaml + - values.yaml=./helm-values.yaml configurations: - kustomizeconfig.yaml diff --git a/kubernetes/apps/kube-system/coredns/app/helm-release.yaml b/kubernetes/apps/kube-system/coredns/app/helm-release.yaml new file mode 100644 index 0000000000..898a447228 --- /dev/null +++ b/kubernetes/apps/kube-system/coredns/app/helm-release.yaml @@ -0,0 +1,26 @@ +--- +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: coredns +spec: + interval: 30m + chart: + spec: + chart: coredns + version: 1.36.0 + sourceRef: + kind: HelmRepository + name: coredns + namespace: flux-system + install: + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + strategy: rollback + retries: 3 + valuesFrom: + - kind: ConfigMap + name: coredns-helm-values diff --git a/kubernetes/apps/kube-system/coredns/app/helm-values.yaml b/kubernetes/apps/kube-system/coredns/app/helm-values.yaml new file mode 100644 index 0000000000..88562be925 --- /dev/null +++ b/kubernetes/apps/kube-system/coredns/app/helm-values.yaml @@ -0,0 +1,50 @@ +--- +fullnameOverride: coredns +k8sAppLabelOverride: kube-dns +serviceAccount: + create: true +service: + name: kube-dns + clusterIP: "10.43.0.10" +servers: + - zones: + - zone: . + scheme: dns:// + use_tcp: true + port: 53 + plugins: + - name: errors + - name: health + configBlock: |- + lameduck 5s + - name: ready + - name: log + configBlock: |- + class error + - name: prometheus + parameters: 0.0.0.0:9153 + - name: kubernetes + parameters: cluster.local in-addr.arpa ip6.arpa + configBlock: |- + pods insecure + fallthrough in-addr.arpa ip6.arpa + - name: forward + parameters: . /etc/resolv.conf + - name: cache + parameters: 30 + - name: loop + - name: reload + - name: loadbalance +affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: Exists +tolerations: + - key: CriticalAddonsOnly + operator: Exists + - key: node-role.kubernetes.io/control-plane + operator: Exists + effect: NoSchedule diff --git a/kubernetes/apps/kube-system/coredns/app/kustomization.yaml b/kubernetes/apps/kube-system/coredns/app/kustomization.yaml new file mode 100644 index 0000000000..93b5f2ac5c --- /dev/null +++ b/kubernetes/apps/kube-system/coredns/app/kustomization.yaml @@ -0,0 +1,11 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./helm-release.yaml +configMapGenerator: + - name: coredns-helm-values + files: + - values.yaml=./helm-values.yaml +configurations: + - kustomizeconfig.yaml diff --git a/kubernetes/apps/kube-system/coredns/app/kustomizeconfig.yaml b/kubernetes/apps/kube-system/coredns/app/kustomizeconfig.yaml new file mode 100644 index 0000000000..58f92ba153 --- /dev/null +++ b/kubernetes/apps/kube-system/coredns/app/kustomizeconfig.yaml @@ -0,0 +1,7 @@ +--- +nameReference: + - kind: ConfigMap + version: v1 + fieldSpecs: + - path: spec/valuesFrom/name + kind: HelmRelease diff --git a/kubernetes/apps/kube-system/coredns/ks.yaml b/kubernetes/apps/kube-system/coredns/ks.yaml new file mode 100644 index 0000000000..afa7ae2f15 --- /dev/null +++ b/kubernetes/apps/kube-system/coredns/ks.yaml @@ -0,0 +1,19 @@ +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app coredns + namespace: flux-system +spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: *app + path: ./kubernetes/apps/kube-system/coredns/app + prune: false # never should be deleted + sourceRef: + kind: GitRepository + name: home-kubernetes + wait: false + interval: 30m + timeout: 5m diff --git a/kubernetes/apps/kube-system/kubelet-csr-approver/app/helm-values.yaml b/kubernetes/apps/kube-system/kubelet-csr-approver/app/helm-values.yaml new file mode 100644 index 0000000000..3ad5672507 --- /dev/null +++ b/kubernetes/apps/kube-system/kubelet-csr-approver/app/helm-values.yaml @@ -0,0 +1,5 @@ +--- +providerRegex: | + ^(kmaster1|kmaster2|kmaster3|kworker1|kworker2|kworker3)$ + +bypassDnsResolution: true diff --git a/kubernetes/apps/kube-system/kubelet-csr-approver/app/values.yaml b/kubernetes/apps/kube-system/kubelet-csr-approver/app/values.yaml deleted file mode 100644 index 59093c7d7f..0000000000 --- a/kubernetes/apps/kube-system/kubelet-csr-approver/app/values.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -providerRegex: | - ^(kmaster1|kmaster2|kmaster3)$ - -bypassDnsResolution: true diff --git a/kubernetes/bootstrap/helmfile.yaml b/kubernetes/bootstrap/helmfile.yaml new file mode 100644 index 0000000000..33ec658ef8 --- /dev/null +++ b/kubernetes/bootstrap/helmfile.yaml @@ -0,0 +1,65 @@ +--- +helmDefaults: + wait: true + waitForJobs: true + timeout: 600 + recreatePods: true + force: true + +repositories: + - name: cilium + url: https://helm.cilium.io + - name: coredns + url: https://coredns.github.io/helm + - name: postfinance + url: https://postfinance.github.io/kubelet-csr-approver + - name: prometheus-community + url: https://prometheus-community.github.io/helm-charts + +releases: + - name: prometheus-operator-crds + namespace: monitoring + chart: prometheus-community/prometheus-operator-crds + version: 15.0.0 + + - name: cilium + namespace: kube-system + chart: cilium/cilium + version: 1.16.3 + values: + - ../apps/kube-system/cilium/app/helm-values.yaml + needs: + - monitoring/prometheus-operator-crds + + - name: coredns + namespace: kube-system + chart: coredns/coredns + version: 1.36.0 + values: + - ../apps/kube-system/coredns/app/helm-values.yaml + needs: + - monitoring/prometheus-operator-crds + - kube-system/cilium + + - name: kubelet-csr-approver + namespace: kube-system + chart: postfinance/kubelet-csr-approver + version: 1.2.3 + values: + - ../apps/kube-system/kubelet-csr-approver/app/helm-values.yaml + needs: + - monitoring/prometheus-operator-crds + - kube-system/cilium + - kube-system/coredns + + # - name: spegel + # namespace: kube-system + # chart: oci://ghcr.io/spegel-org/helm-charts/spegel + # version: v0.0.27 + # values: + # - ../apps/kube-system/spegel/app/helm-values.yaml + # needs: + # - monitoring/prometheus-operator-crds + # - kube-system/cilium + # - kube-system/coredns + # - kube-system/kubelet-csr-approver diff --git a/kubernetes/bootstrap/talos/apps/cilium-values.yaml b/kubernetes/bootstrap/talos/apps/cilium-values.yaml index 23e029e0bd..a94d7c18dc 100644 --- a/kubernetes/bootstrap/talos/apps/cilium-values.yaml +++ b/kubernetes/bootstrap/talos/apps/cilium-values.yaml @@ -14,7 +14,7 @@ bgp: loadbalancerIP: false bpf: - masquerade: true + masquerade: false tproxy: true autoMount: enabled: true diff --git a/kubernetes/bootstrap/talos/patches/controller/api-access.yaml b/kubernetes/bootstrap/talos/patches/controller/api-access.yaml new file mode 100644 index 0000000000..7723284427 --- /dev/null +++ b/kubernetes/bootstrap/talos/patches/controller/api-access.yaml @@ -0,0 +1,8 @@ +machine: + features: + kubernetesTalosAPIAccess: + enabled: true + allowedRoles: + - os:admin + allowedKubernetesNamespaces: + - system-upgrade diff --git a/kubernetes/bootstrap/talos/patches/controller/cluster.yaml b/kubernetes/bootstrap/talos/patches/controller/cluster.yaml new file mode 100644 index 0000000000..123c2920f9 --- /dev/null +++ b/kubernetes/bootstrap/talos/patches/controller/cluster.yaml @@ -0,0 +1,15 @@ +cluster: + allowSchedulingOnControlPlanes: true + apiServer: + disablePodSecurityPolicy: true + admissionControl: [] + controllerManager: + extraArgs: + bind-address: 0.0.0.0 + coreDNS: + disabled: true + proxy: + disabled: true + scheduler: + extraArgs: + bind-address: 0.0.0.0 diff --git a/kubernetes/bootstrap/talos/patches/controller/disable-admission-controller.yaml b/kubernetes/bootstrap/talos/patches/controller/disable-admission-controller.yaml new file mode 100644 index 0000000000..e311789f4c --- /dev/null +++ b/kubernetes/bootstrap/talos/patches/controller/disable-admission-controller.yaml @@ -0,0 +1,2 @@ +- op: remove + path: /cluster/apiServer/admissionControl diff --git a/kubernetes/bootstrap/talos/patches/controller/etcd.yaml b/kubernetes/bootstrap/talos/patches/controller/etcd.yaml new file mode 100644 index 0000000000..c23c6f386e --- /dev/null +++ b/kubernetes/bootstrap/talos/patches/controller/etcd.yaml @@ -0,0 +1,6 @@ +cluster: + etcd: + extraArgs: + listen-metrics-urls: http://0.0.0.0:2381 + advertisedSubnets: + - 192.168.20.0/24 diff --git a/kubernetes/bootstrap/talos/patches/global/cluster-discovery.yaml b/kubernetes/bootstrap/talos/patches/global/cluster-discovery.yaml new file mode 100644 index 0000000000..ecafec6ef1 --- /dev/null +++ b/kubernetes/bootstrap/talos/patches/global/cluster-discovery.yaml @@ -0,0 +1,7 @@ +cluster: + discovery: + registries: + kubernetes: + disabled: false + service: + disabled: true diff --git a/kubernetes/bootstrap/talos/patches/global/containerd.yaml b/kubernetes/bootstrap/talos/patches/global/containerd.yaml new file mode 100644 index 0000000000..6b5b28b40e --- /dev/null +++ b/kubernetes/bootstrap/talos/patches/global/containerd.yaml @@ -0,0 +1,24 @@ +machine: + files: + - op: create + path: /etc/cri/conf.d/20-customization.part + content: |- + [plugins."io.containerd.grpc.v1.cri"] + enable_unprivileged_ports = true + enable_unprivileged_icmp = true + [plugins."io.containerd.grpc.v1.cri".containerd] + discard_unpacked_layers = false + [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] + discard_unpacked_layers = false + - op: overwrite + path: /etc/nfsmount.conf + permissions: 0o644 + content: | + [ NFSMount_Global_Options ] + nfsvers=4.2 + hard=True + noatime=True + nodiratime=True + rsize=131072 + wsize=131072 + nconnect=8 diff --git a/kubernetes/bootstrap/talos/patches/global/disable-search-domain.yaml b/kubernetes/bootstrap/talos/patches/global/disable-search-domain.yaml new file mode 100644 index 0000000000..8ba647c499 --- /dev/null +++ b/kubernetes/bootstrap/talos/patches/global/disable-search-domain.yaml @@ -0,0 +1,3 @@ +machine: + network: + disableSearchDomain: true diff --git a/kubernetes/bootstrap/talos/patches/global/hostdns.yaml b/kubernetes/bootstrap/talos/patches/global/hostdns.yaml new file mode 100644 index 0000000000..6033ccd272 --- /dev/null +++ b/kubernetes/bootstrap/talos/patches/global/hostdns.yaml @@ -0,0 +1,6 @@ +machine: + features: + hostDNS: + enabled: true + resolveMemberNames: true + forwardKubeDNSToHost: true # Requires Cilium `bpf.masquerade: false` diff --git a/kubernetes/bootstrap/talos/patches/global/kubelet.yaml b/kubernetes/bootstrap/talos/patches/global/kubelet.yaml new file mode 100644 index 0000000000..1c385fd232 --- /dev/null +++ b/kubernetes/bootstrap/talos/patches/global/kubelet.yaml @@ -0,0 +1,9 @@ +machine: + kubelet: + extraArgs: + rotate-server-certificates: "true" + extraConfig: + maxPods: 150 + nodeIP: + validSubnets: + - 192.168.20.0/24 diff --git a/kubernetes/bootstrap/talos/patches/global/network.yaml b/kubernetes/bootstrap/talos/patches/global/network.yaml new file mode 100644 index 0000000000..0de63f2973 --- /dev/null +++ b/kubernetes/bootstrap/talos/patches/global/network.yaml @@ -0,0 +1,15 @@ +machine: + network: + nameservers: + - 192.168.20.1 + disableSearchDomain: true + interfaces: + - interface: eth0 + routes: + - network: 0.0.0.0/0 + gateway: 192.168.20.1 + dhcp: true + extraHostEntries: + - ip: ${CLUSTERENDPOINTIP} + aliases: + - ${CLUSTER_NAME}.${DOMAINNAME} diff --git a/kubernetes/bootstrap/talos/patches/global/openebs-local.yaml b/kubernetes/bootstrap/talos/patches/global/openebs-local.yaml new file mode 100644 index 0000000000..e4095d171c --- /dev/null +++ b/kubernetes/bootstrap/talos/patches/global/openebs-local.yaml @@ -0,0 +1,10 @@ +machine: + kubelet: + extraMounts: + - destination: /var/openebs/local + type: bind + source: /var/openebs/local + options: + - bind + - rshared + - rw diff --git a/kubernetes/bootstrap/talos/patches/global/sysctl.yaml b/kubernetes/bootstrap/talos/patches/global/sysctl.yaml new file mode 100644 index 0000000000..8f154df0e8 --- /dev/null +++ b/kubernetes/bootstrap/talos/patches/global/sysctl.yaml @@ -0,0 +1,7 @@ +machine: + sysctls: + fs.inotify.max_queued_events: "65536" + fs.inotify.max_user_watches: "524288" + fs.inotify.max_user_instances: "8192" + net.core.rmem_max: "7500000" + net.core.wmem_max: "7500000" diff --git a/kubernetes/bootstrap/talos/talconfig.yaml b/kubernetes/bootstrap/talos/talconfig.yaml index 40bf94a283..03e0e18d27 100644 --- a/kubernetes/bootstrap/talos/talconfig.yaml +++ b/kubernetes/bootstrap/talos/talconfig.yaml @@ -7,8 +7,6 @@ talosVersion: v1.8.1 kubernetesVersion: v1.31.1 endpoint: "https://192.168.20.1:6443" -allowSchedulingOnMasters: true - clusterPodNets: - ${CLUSTER_PODNET} clusterSvcNets: @@ -55,6 +53,34 @@ nodes: controlPlane: false installDisk: /dev/sda +patches: + - |- + machine: + install: + extraKernelArgs: + - "talos.logging.kernel=udp://192.168.20.52:6050/" + logging: + destinations: + - endpoint: "udp://192.168.20.52:6051/" + format: json_lines + time: + disabled: false + servers: + - 192.168.20.1 + features: + kubePrism: + enabled: true + port: 7445 + + - "@./patches/global/cluster-discovery.yaml" + - "@./patches/global/containerd.yaml" + - "@./patches/global/disable-search-domain.yaml" + - "@./patches/global/hostdns.yaml" + - "@./patches/global/kubelet.yaml" + - "@./patches/global/network.yaml" + - "@./patches/global/openebs-local.yaml" + - "@./patches/global/sysctl.yaml" + controlPlane: schematic: customization: @@ -63,107 +89,10 @@ controlPlane: - siderolabs/qemu-guest-agent patches: - - |- - cluster: - apiServer: - disablePodSecurityPolicy: true - admissionControl: [] - etcd: - extraArgs: - listen-metrics-urls: http://0.0.0.0:2381 - advertisedSubnets: - - 192.168.20.0/24 - controllerManager: - extraArgs: - bind-address: 0.0.0.0 - discovery: - registries: - kubernetes: - disabled: false - service: - disabled: false - proxy: - disabled: true - scheduler: - extraArgs: - bind-address: 0.0.0.0 - - machine: - kubelet: - extraArgs: - rotate-server-certificates: "true" - extraConfig: - maxPods: 150 - nodeIP: - validSubnets: - - 192.168.20.0/24 - install: - extraKernelArgs: - - "talos.logging.kernel=udp://192.168.20.52:6050/" - logging: - destinations: - - endpoint: "udp://192.168.20.52:6051/" - format: json_lines - sysctls: - fs.inotify.max_queued_events: 65536 - fs.inotify.max_user_watches: 524288 - fs.inotify.max_user_instances: 8192 - time: - disabled: false - servers: - - 192.168.20.1 - files: - - op: create - path: /etc/cri/conf.d/20-customization.part - content: |- - [plugins."io.containerd.grpc.v1.cri"] - enable_unprivileged_ports = true - enable_unprivileged_icmp = true - [plugins."io.containerd.grpc.v1.cri".containerd] - discard_unpacked_layers = false - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] - discard_unpacked_layers = false - - op: overwrite - path: /etc/nfsmount.conf - permissions: 0o644 - content: | - [ NFSMount_Global_Options ] - nfsvers=4.2 - hard=True - noatime=True - nodiratime=True - rsize=131072 - wsize=131072 - nconnect=8 - network: - nameservers: - - 192.168.20.1 - disableSearchDomain: true - interfaces: - - interface: eth0 - routes: - - network: 0.0.0.0/0 - gateway: 192.168.20.1 - dhcp: true - extraHostEntries: - - ip: ${CLUSTERENDPOINTIP} - aliases: - - ${CLUSTER_NAME}.${DOMAINNAME} - features: - kubePrism: - enabled: true - port: 7445 - kubernetesTalosAPIAccess: - enabled: true - allowedRoles: - - os:admin - allowedKubernetesNamespaces: - - system-upgrade - - # Disable default API server admission plugins. - - |- - - op: remove - path: /cluster/apiServer/admissionControl + - "@./patches/controller/api-access.yaml" + - "@./patches/controller/cluster.yaml" + - "@./patches/controller/disable-admission-controller.yaml" + - "@./patches/controller/etcd.yaml" worker: schematic: @@ -171,73 +100,3 @@ worker: systemExtensions: officialExtensions: - siderolabs/qemu-guest-agent - - patches: - - |- - cluster: - discovery: - registries: - service: - disabled: true - - machine: - kubelet: - extraArgs: - rotate-server-certificates: "true" - extraConfig: - maxPods: 150 - nodeIP: - validSubnets: - - 192.168.20.0/24 - install: - extraKernelArgs: - - "talos.logging.kernel=udp://192.168.20.52:6050/" - logging: - destinations: - - endpoint: "udp://192.168.20.52:6051/" - format: json_lines - sysctls: - fs.inotify.max_queued_events: 65536 - fs.inotify.max_user_watches: 524288 - fs.inotify.max_user_instances: 8192 - time: - disabled: false - servers: - - 192.168.20.1 - files: - - op: create - path: /etc/cri/conf.d/20-customization.part - content: |- - [plugins."io.containerd.grpc.v1.cri"] - enable_unprivileged_ports = true - enable_unprivileged_icmp = true - [plugins."io.containerd.grpc.v1.cri".containerd] - discard_unpacked_layers = false - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] - discard_unpacked_layers = false - - op: overwrite - path: /etc/nfsmount.conf - permissions: 0o644 - content: | - [ NFSMount_Global_Options ] - nfsvers=4.2 - hard=True - noatime=True - nodiratime=True - rsize=131072 - wsize=131072 - nconnect=8 - network: - nameservers: - - 192.168.20.1 - disableSearchDomain: true - interfaces: - - interface: eth0 - routes: - - network: 0.0.0.0/0 - gateway: 192.168.20.1 - dhcp: true - features: - kubePrism: - enabled: true - port: 7445 diff --git a/kubernetes/bootstrap/talos/talsecret.sops.yaml b/kubernetes/bootstrap/talos/talsecret.sops.yaml new file mode 100644 index 0000000000..25175936f9 --- /dev/null +++ b/kubernetes/bootstrap/talos/talsecret.sops.yaml @@ -0,0 +1,43 @@ +cluster: + id: WTDR1x1S7xh6iQ7aCJiyBM6xS9T5rABk770EdyjcHcc= + secret: z3WxvfXUGoqtqaOXrfGCVRA0CXozcjFySWoUtzy04es= +secrets: + bootstraptoken: fn876e.pxi0n3fgmulk9lj6 + secretboxencryptionsecret: ZhW5dA8sFkhBMEvNodDWPm2kDUl/boG/VYp+A5Qj5ZI= +trustdinfo: + token: unodyv.7cp2s9a0serg7t4m +certs: + etcd: + crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJmekNDQVNTZ0F3SUJBZ0lSQUxtdmZ0cEMvc0wrS2xGTjE3TE4zKzR3Q2dZSUtvWkl6ajBFQXdJd0R6RU4KTUFzR0ExVUVDaE1FWlhSalpEQWVGdzB5TkRFd01Ua3lNRFF6TXpOYUZ3MHpOREV3TVRjeU1EUXpNek5hTUE4eApEVEFMQmdOVkJBb1RCR1YwWTJRd1dUQVRCZ2NxaGtqT1BRSUJCZ2dxaGtqT1BRTUJCd05DQUFSaSticEtYUWNuClFoazN6dzQ1bEhBaEQvYnd2WFhDTE93Qmg5Rkh3UXMrWlhFdi8vTWNtalFSd2VtT0ZhajIyMGhmOWlWTXVOMmkKZk5TdVdwZU8xUnhlbzJFd1h6QU9CZ05WSFE4QkFmOEVCQU1DQW9Rd0hRWURWUjBsQkJZd0ZBWUlLd1lCQlFVSApBd0VHQ0NzR0FRVUZCd01DTUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3SFFZRFZSME9CQllFRk44alRVYlo1b3FaCitabExHZklJdWJSMnVkYlBNQW9HQ0NxR1NNNDlCQU1DQTBrQU1FWUNJUUR1dUhCL29EbWlFQkFWTjR0M1lhajUKbHJybC8wUXNqRXJmekd2WHN1UitvZ0loQU8wOWQxQnpjcTBic0tZeHYyZHdKTFFEaHp1bVdpTXVBM2NmTmZXQgphY0VJCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + key: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSU1jWnpNUm9CQnBmZkUxMi9PT3FXMWJwN01qa3pIU005YlNuTU9XdFBlZ2RvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFWXZtNlNsMEhKMElaTjg4T09aUndJUS8yOEwxMXdpenNBWWZSUjhFTFBtVnhMLy96SEpvMApFY0hwamhXbzl0dElYL1lsVExqZG9uelVybHFYanRVY1hnPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo= + k8s: + crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJpVENDQVRDZ0F3SUJBZ0lSQUpFUldjRVVBanp5STlldVVrczllZm93Q2dZSUtvWkl6ajBFQXdJd0ZURVQKTUJFR0ExVUVDaE1LYTNWaVpYSnVaWFJsY3pBZUZ3MHlOREV3TVRreU1EUXpNek5hRncwek5ERXdNVGN5TURRegpNek5hTUJVeEV6QVJCZ05WQkFvVENtdDFZbVZ5Ym1WMFpYTXdXVEFUQmdjcWhrak9QUUlCQmdncWhrak9QUU1CCkJ3TkNBQVNSSWJMYnRTUGFUOXRCTlBNM2t1M2NzeFl1dk4yenBUN3lTLzdmWUhOVjlEWDJuY00wTVlES2lZTmMKZWY5SzFER2VDSmlLalJScHpIckJaYVBBL3FNbm8yRXdYekFPQmdOVkhROEJBZjhFQkFNQ0FvUXdIUVlEVlIwbApCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUZNQU1CQWY4d0hRWURWUjBPCkJCWUVGSi9QV0N1TVlSUVJQOUdkNVJ3Y3dMaTVOK1prTUFvR0NDcUdTTTQ5QkFNQ0EwY0FNRVFDSUZ6Znh6aTYKR0xITTlCaUFTRUsrTDgxU1A0aHN6ZnVNV3JwbjNsUWJYSFN6QWlCZW43OGtxeVRxSGN4K2xTSmNvY2p5WjdMMAp1b2VBbmxxWENjVWk5QVViYXc9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + key: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUZXRndiZXYrZkNjTVRuMzRzZC9UbWlELzZvaCtFLzhqVCtIdmlRTlFtZVlvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFa1NHeTI3VWoyay9iUVRUek41THQzTE1XTHJ6ZHM2VSs4a3YrMzJCelZmUTE5cDNETkRHQQp5b21EWEhuL1N0UXhuZ2lZaW8wVWFjeDZ3V1dqd1A2akp3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo= + k8saggregator: + crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJYekNDQVFXZ0F3SUJBZ0lRSUhZKzJEQm41S2NtbGhpMFBvOGtYakFLQmdncWhrak9QUVFEQWpBQU1CNFgKRFRJME1UQXhPVEl3TkRNek0xb1hEVE0wTVRBeE56SXdORE16TTFvd0FEQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxRwpTTTQ5QXdFSEEwSUFCS0l6TlN6TnlwQnhCclYxcUJ4dXE5SXBRblAyZHduK2dqeDQvUFF0RFdUNkVlN2xCNjVWCkM0QmpKVE00aGVnS0xQcUtlWERXYzdQVDlVSVVSVDJQeGRLallUQmZNQTRHQTFVZER3RUIvd1FFQXdJQ2hEQWQKQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQVFZSUt3WUJCUVVIQXdJd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZApCZ05WSFE0RUZnUVVXM2phU1BUUjlXNEFrbHN2UFlUd2xva1pDOHN3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUlnClVBMVY3NUdJaEt3dUVvaVVOcGhHTlQ2dm5Lcm1mNUFnL05PTHo3MThsOFlDSVFDcVJ3c2FOVk1iUXVCSFhTUUsKU29hbmIvWEd5TmdRdTFqTkRGUzhob3FkZUE9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + key: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSVBlTFg4RUxjMld2aldkT25xWEJ1bWYzTldmSlA1SFI4THNjcUpSeGNTbXRvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFb2pNMUxNM0trSEVHdFhXb0hHNnIwaWxDYy9aM0NmNkNQSGo4OUMwTlpQb1I3dVVIcmxVTApnR01sTXppRjZBb3Mrb3A1Y05aenM5UDFRaFJGUFkvRjBnPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo= + k8sserviceaccount: + key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlKSndJQkFBS0NBZ0VBdHBNdmxDWEJVYWxBZWNNVGhjbm5Oa0hIWWlwTGlyT3FaQXRaQ0x3a29aeDcyYzZDCnpjYitJV0orYk0zY3FkRmZhaG5oNC9ZVGFrc3JhSFJxM1llUjhpYVFyM2k3QXVpbVkwY2h3ZmFRb2NzbWJZbEkKbnI0ZVJtUHRmOGxxODFoZFhnOGZIbVQyRnVkdVJvd2lNTGk2alFBa1YvU0ZWWmQ0SlRlSUlCaGlzek5mZXkybApmUzVWYWlXSk8yS1l5VU4xc3RWL2ZNMVU3bElYMlp4ak1Dek9EbnMyY2F5Qlg4VDYwdHlSUUpFWDFGektuSE5sCnZGU2RBQkhGd0NHYkV5eU5Sa254c0dndW1pYnBnWFRLRXB6QVIvZUM0QVNuZ05wSG41S3dSS1BMNURxb1JoMHgKMzJBQ3JyQmJOd082clFtUllsZFJROFZ1L2M1c2dzcTBqZTlISnFIMGcrMlBtK256dlZoVlZlcGZiZkpGamIwSApsZmVQaVVGTFgvLzRYNjBEVC9paktrMXpzNXVzZGNlSmJPTHVJWjlHR2NKYnVwS1NtVFlhVkNGU3BoRC9TTmlGCmVqMVJ2NlJ4aTYzVGpXUlZjNmRid0dRR0ZTYWNtM016Q2xZMU51VSsvcEpGTFRUMU1YVVkvRXNkZVN5SVl4VFkKQXBkT09NbGh6c0g1L29kbUt3Z3FycldvbHJlZ3owd2JOREZtaXlyaFJibXhERXdnTkt6ckFpSVlyZkNoNEh5cQoxMjlic1U0MDhNRDV1TDdYREdXeWpQczVKU1Z2djdWdXh4MnBNWHMxdnBRMkRiUGtYbmRjckI0eXlxZTV3aUIwCjYxSGhRdlFUbmVuRjRSbUgzVjBvRUdSUUNtTHFQOGtRd1NKY2ZJK0djdU9aWmpOcnVLdE0yc1oyalMwQ0F3RUEKQVFLQ0FnQjF6SCs5V2FMaStvNVVRYzZkMndpb2xFWitDd1lVcHhuQVZTWU1JY0NNMmJkN2IrZ3J0MElPN2tyZQpEdkZhVEhJQXRsUnVUajUycmF1RFNPSU9yME0yZHpXUlVoZHZxQVo3TmRFTklmWnR2Zks4YUFDSUUramF4K3pjCkwyd25PSk45ZGNwQlJTa1czQm5sd05McWxyWWU5Y0Y5VXBLWkNCTUlDRTEzVCtTVzlRV2RKM1dJVUZYaUYvZjAKYmdoZ2kzc3NlTjQ1K3czYWV2TlNmN25yd216dElRaWV6WXZuNitOZUc5eElTWldUZW85cjVIVDJ6NjFBOXphZApZZEY1ekp3V2h1MC9RZWtYb3hXMFpsTmZNTzVMUU9LYmdjVkZ1UkRQWDhrRmNKM0VVeWh4bkxLcUNudVFsTTgxCnJ0MUtla3JvcGFnVVR4WHZBcm8ycFcxYnl0QWZmN3JmNVMvTGg5OHpPdEpwQWc0NHliQTdLYWt1cHJSSytFYWkKYmtFbitxZlN6Tnp6VEJsbDFocFMyMW5nZm93ckMvcGZjbU1HSWg4Z1hsaVlnMy9mUzNRN0VsOFhOYVJPTWd6LwpJTU1hcFFYa08zUVB4K1lUZjd6NlYraFhtNHo1SnNCN3gxZFVYa2FYNDFQei8wMG1VTFdWWWloUjhEcWFrNTE0ClI0UkNLa2YxK0tKNzh2UzhhWU43OE1nYlJyVmZYWFJKMDJNaGxDL0FGYnRLbjdkQzlwcTJlUXZyWU40N3RON1gKSWE2c3dMSTFmTEUvWDVhVGpRQjdTMlZyTDh1L1drLytIQmRnNERJUFo5VmM5eUNPYlZRbjZzYVFiODJyRnFXbgpDVEN6UXVHL24ybnRqYjBLMzFiQzZEWU0vaHFSSHBGRi8yN3ZCcnhJMWVETlY5a2h6UUtDQVFFQXhBTW8xMHlxCm12NGNmbEptek45bjBwTXRKZDJ5WGxPRmh2MzJNTU1oNzg3elFMRjBnNkc5Q3hXTDJ4K2xWSE92YUZhSGJ2ZGIKM2V3Q2RWZFIrVk1wVzQ0Rm5jSWw1WjZMNEQyTnhsUkFSWmJFWWpKeG1OSmp4d0dIR3ZMeGM0aENzR25xamg1eApaQnhZN2lHV3krejhnQkxlYkNZOXV5dE5MUUYvRlo2YVV0RnBxb3RnRmZNbDJNa01LQ29vcmtrenR1aVRVanpoCnFoRm1TNjkwakNuRnhGNHpCK1RaTG45MUx3aklNWklRbTI3NlVnNG5qVWVTUUMzRVdrb0xRR1lpcy9PR1ZzdisKKzU4NGdlYk5VK1lBcWNzTkVXYU5nQmdyVEdsMjFrdnFrbDFqa3lzelFtaGxkUDcxTkFyc0VyVG5uVHdTMVRYcApyaXpySUxVYk12bkpKd0tDQVFFQTduTkJqTmNQSzJleHJwbHF6SUFKZDF4aEFMaklqaXJ6S29yMG9jTU5aRWhECjl3azZ3dlRqMUlqS0p6c2Uvb0duTG5nMkdTTFpSV3dWcUVkcDVsSDIwejV0d1ovWlBTMy82UkRRNnRUcXFxakMKMFNOQ0hka2JzUTQxKzNqckhGSGIzVUZQcWE3eXFDQ0ZIUS9mRjlCVXh4TGdsSzVneVpWTDhYa2d1cnQ4SStnOApETEdScUt1NlVXZi84bDBpc2RTakJhU0RIR3MzL0pERFZ4Vmx5cXBtYUsvU2pyYU5jUVlCU3Z1dFB2YnA1WFJmCkhkQ1VQREpyUmcwb1ZVWFBhdjE1OWZWVjNNVFNWUWx0S3lBNUxRS0Rackl6VmpuU2Fnd0NlRE9leDZHczc2cXAKMCtnOHk5TEE4NllId2FxWVMyNFNjVGFxWDJ5RndVejQ0MTMzVkxvaml3S0NBUUFrQUVTUERyakRFT3NnMUhlbgpKMTFGVXR6VytKb2JNeEh5VWxEV2NmQ1l3QlR6aStSUGpQUlF4ZHRUR3NQZCtBVitqMjMrbHBZYjg0NGNDVGE0CktXc09NczZiUkI1N3h4di95cTV3ZitieUlSZmV4VThSOTRwMThiVGo0VDB4c0JRM25LeUUvOWhwdjc4aHRhK2gKc3R4SmxhMmVoWU9QRGd2MXVUR2pRZWNzVU9Rc2U3N2hLVENKV1p2UEFMZEtFNDNaQ1d5TmpUc1Jabks0Y2ZoaApDZ2NWNHd0U1p0anc3bDRTam5WZWpXcFpjZyt0NUlXbE1FRVBZcGlPME15eVBsQWZaeG9FZFNGWEM4NXdKWGtPCjhNNnNZT3Y4aHk1MEdYeFNZNGg5SWFKcTBaWkpZSVRnckpYOTRCb2ZQZVpRSlVQcElEQ0JVbzZoL0FRUGxOUHoKRCtlL0FvSUJBRTdlcG9iY04zTkc2QmwxTzBNSzhwYWRZcVJuZWthejVCeGxPOGNwaWd0cWI3aU5QL2R1SXRHUQpzVFRLdEZUQU03a0dIL2F1ZFNrbU4vK2lKMS84S21UeTJFRGNDM0hWL2pocnpINXdFSEtFUVhRRmNvQUc2TWJtCmlXcDFNMmI1bUh5VmRyRU1ZY3pFZk9NQTlleWRodjBWdkZ6UlZNZzRicGNmVm5rTlBHRndGalNvb3lJa013dHMKRjlkbGdPMUxCT1QvNWpJSE1NeUVZV2d6ZHFqVE5lNVlnWStjeUNuakw1aEtxS0lUNzRkcXQyOVlKei9GK1grQgpLSjhUNlNoZFVQTE94Q2l5blZOdE84T3c4OWgwWlZ3Wmd5dDVFcVRxOWdJbUtOV2xIMXRpbXF1eHZESTZzb0drCm9Cb3B3QmZxLzRTYzdUdUUzTFQwTGJxZXdRa3dURU1DZ2dFQVdxUUZuUlpJaGxRS3FjNVdjMGJhc3FlajE3YVQKdmVUR1NuNGpXOTZTbThicEVNQkdoMkxvT0VyYURjbWZlbnRJRGZIRzhUZW5UMW4vMFo3UFUyUCtqQi8yWWxQSgpTT3lFU1FRQmtaK1l5T0dydkVzSzJCWll2UGJhbWJ5dGFKWk0wYlZybjhWYTY5U2Z1eld0Njk5N1FLMzdyQU9BCmI0cDhRRjVoZDB4TE5VUGR5MDdKU3NNZ3lDNFcvMS9YZWVZVXJlNzVPd0VCL2FlVUlFSVB6eTU2WXN0U05MRTgKUjJHTzZYRTYxbjNRUGRUWmxpakJxNVJxMWpzMzA0Q0ZFaTIrb1k5MzdRd3FkbitVVWZLM2ZtT2o0djJNMEtPZwpRQW1rNGJzS1hMSWdvR1Bxbm4wVUNaSjJYNkNaU2EyWUkvS0xDM0VSY2R4SWFKa3lwUUhzTHJRRFpBPT0KLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0K + os: + crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJQekNCOHFBREFnRUNBaEVBcHZrUjl2eUtNdlFac2ovdnZ1dDdDREFGQmdNclpYQXdFREVPTUF3R0ExVUUKQ2hNRmRHRnNiM013SGhjTk1qUXhNREU1TWpBME16UXdXaGNOTXpReE1ERTNNakEwTXpRd1dqQVFNUTR3REFZRApWUVFLRXdWMFlXeHZjekFxTUFVR0F5dGxjQU1oQU5kbFluaGN0T3k1KzJhQ0RrbTFqQm9qVjgvMXcxNHg1SyswClM1YTV2dDRBbzJFd1h6QU9CZ05WSFE4QkFmOEVCQU1DQW9Rd0hRWURWUjBsQkJZd0ZBWUlLd1lCQlFVSEF3RUcKQ0NzR0FRVUZCd01DTUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3SFFZRFZSME9CQllFRkVpdzNvUTBHN1hSOVE1Qwp6dmJXWTlDdFJNQm1NQVVHQXl0bGNBTkJBTjFYb0oraStWc096d2ZqM2g2RHdoY1ZCT045ZTM5YlZyNVZXSkFUCmx1eG5GeVBDdCswYVdrbXFKWFBJcEdsNHNIVVZaazNBK2RYdVVVUW9VbVVIOFFzPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + key: LS0tLS1CRUdJTiBFRDI1NTE5IFBSSVZBVEUgS0VZLS0tLS0KTUM0Q0FRQXdCUVlESzJWd0JDSUVJSTJrYVhwSUFLTHJIbWhFYTJqRzBiL0tHSkpyL01HaWRnYWxQRXFsTU1VVgotLS0tLUVORCBFRDI1NTE5IFBSSVZBVEUgS0VZLS0tLS0K +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age15avv4nw90ryfzuste9ww32ttpc4l8m9npqndgq662czy9csum3jskdpexm + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXYlJINUQvdHFucmZyek5N + K0Y5QzJycHhKWlhkWEUwbzNkMFZ0WnhzSjJFCmhCdmJuV2J4Nk1CclFMNHk3K2kr + QkIyMldEWjc0VW5mU0FoTXd5a2hwdHMKLS0tIGxBWkQ2UnkzOCtWNzdJdkZodEJD + aXNVaFRLMW8vTTYrNHhzSW50ZVN2K28K1wEIPsnc+nZ3iQ6eJ2NT0+gI3pRvubkp + MB1wQVBF6P24YGLjHDql8jkCarMoB9VmfHoBfdqPww7pPQlo4AnzMQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-10-19T20:43:40Z" + mac: ENC[AES256_GCM,data:FMU892NIek+Ae/rs/5P/HRIzmIM7iTPmL2Ad+Vg8IbO3cBDr5Ek6DqGed/Jr+nm4kFA4GcMGabl1gPT9wMuaiwexWqafbTbu/EMDhqF+5mSQtqsdLgKjS/gu0DrURwCSO6Cf2oFGw8NcLGmYTsALqNQhm83QJhBfl9RhuGdFgwE=,iv:w3f1GlWLJZoA/vOz3AIi2zb9UcEgM4dQ+xNxl13+j9c=,tag:wI/ClR0T7UL20q2jQPmXqg==,type:str] + pgp: [] + encrypted_regex: ^(data|stringData)$ + version: 3.9.1