badhouseplants/k8s-deployment
4
0
Fork 0
Code Issues 3 Pull Requests 7 Actions Packages Projects Releases Activity

Refactor everything a bit

Browse Source
This commit is contained in:
Nikolai Rodionov 2024-09-11 23:19:35 +02:00
parent c8c35df257
commit 23ea38ea69
Signed by: allanger
GPG Key ID: 0AA46A90E25592AD
14 changed files with 55 additions and 106 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
.pre-commit-config.yaml Normal file
View File

@ -0,0 +1,15 @@
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.6.0 # Use the ref you want to point at
hooks:
- id: trailing-whitespace
- repo: https://github.com/google/yamlfmt
rev: v0.13.0
hooks:
- id: yamlfmt
- repo: local
hooks:
- id: check-sops-secrets
name: check-sops-secrets
entry: ./scripts/sops_check.sh
language: script

19
common/templates.yaml
View File

@ -10,33 +10,33 @@ templates:
args: args:
- -c - -c
- | - |
helm show crds {{ .Release.Chart }} --version {{ .Release.Version }} | kubectl replace -f - \ helm show crds {{ `{{ .Release.Chart }}` }} --version {{ `{{ .Release.Version }}` }} | kubectl replace -f - \
|| helm show crds {{ .Release.Chart }} --version {{ .Release.Version }} | kubectl create -f - \ || helm show crds {{ `{{ .Release.Chart }}` }} --version {{ `{{ .Release.Version }}` }} | kubectl create -f - \
|| true || true
- events: ["prepare"] - events: ["prepare"]
showlogs: true showlogs: true
command: "sh" command: "sh"
args: args:
- -c - -c
- "helm show crds {{ .Release.Chart }} --version {{ .Release.Version }} | kubectl diff -f - || true" - "helm show crds {{ `{{ .Release.Chart }}` }} --version {{ `{{ .Release.Version }}` }} | kubectl diff -f - || true"
- events: ["postuninstall"] - events: ["postuninstall"]
showlogs: true showlogs: true
command: "sh" command: "sh"
args: args:
- -c - -c
- "helm show crds {{ .Release.Chart }} --version {{ .Release.Version }} | kubectl delete -f - || true" - "helm show crds {{ `{{ .Release.Chart }}` }} --version {{ `{{ .Release.Version }}` }} | kubectl delete -f - || true"
# ---------------------------- # ----------------------------
# -- Configs # -- Configs
# ---------------------------- # ----------------------------
default-common-values: default-common-values:
values: values:
- '{{ requiredEnv "PWD" }}/values/common/values.{{ .Release.Name }}.yaml' - '{{ requiredEnv "PWD" }}/values/common/values.{{ `{{ .Release.Name }}` }}.yaml'
default-env-values: default-env-values:
values: values:
- '{{ requiredEnv "PWD" }}/values/{{ .Environment.Name }}/values.{{ .Release.Name }}.yaml' - '{{ requiredEnv "PWD" }}/values/{{ .Environment.Name }}/values.{{ `{{ .Release.Name }}` }}.yaml'
default-env-secrets: default-env-secrets:
secrets: secrets:
- '{{ requiredEnv "PWD" }}/values/{{ .Environment.Name }}/secrets.{{ .Release.Name }}.yaml' - '{{ requiredEnv "PWD" }}/values/{{ .Environment.Name }}/secrets.{{ `{{ .Release.Name }}` }}.yaml'
# ---------------------------- # ----------------------------
# -- Extensions # -- Extensions
# ---------------------------- # ----------------------------
@ -47,7 +47,6 @@ templates:
alias: istio-gateway alias: istio-gateway
values: values:
- '{{ requiredEnv "PWD" }}/values/common/values.istio-gateway.yaml' - '{{ requiredEnv "PWD" }}/values/common/values.istio-gateway.yaml'
ext-tcp-routes: ext-tcp-routes:
dependencies: dependencies:
- chart: bedag/raw - chart: bedag/raw
@ -55,7 +54,6 @@ templates:
alias: traefik alias: traefik
values: values:
- '{{ requiredEnv "PWD" }}/values/common/values.tcp-route.yaml' - '{{ requiredEnv "PWD" }}/values/common/values.tcp-route.yaml'
ext-istio-resource: ext-istio-resource:
dependencies: dependencies:
- chart: bedag/raw - chart: bedag/raw
@ -63,7 +61,6 @@ templates:
alias: istio alias: istio
values: values:
- '{{ requiredEnv "PWD" }}/values/common/values.istio.yaml' - '{{ requiredEnv "PWD" }}/values/common/values.istio.yaml'
ext-certificate: ext-certificate:
dependencies: dependencies:
- chart: bedag/raw - chart: bedag/raw
@ -93,7 +90,6 @@ templates:
inherit: inherit:
- template: default-values/common-values - template: default-values/common-values
- template: default-env-values - template: default-env-values
ext-database: ext-database:
dependencies: dependencies:
- chart: bedag/raw - chart: bedag/raw
@ -101,7 +97,6 @@ templates:
alias: ext-database alias: ext-database
values: values:
- '{{ requiredEnv "PWD" }}/values/common/values.database.yaml' - '{{ requiredEnv "PWD" }}/values/common/values.database.yaml'
ext-secret: ext-secret:
dependencies: dependencies:
- chart: bedag/raw - chart: bedag/raw

3
helmfile.yaml
View File

@ -1,6 +1,6 @@
bases: bases:
- ./common/environments.yaml - ./common/environments.yaml
- ./common/templates.yaml
helmfiles: helmfiles:
- ./installations/system/ - ./installations/system/
- ./installations/storage/ - ./installations/storage/
@ -10,4 +10,3 @@ helmfiles:
- ./installations/monitoring/ - ./installations/monitoring/
- ./installations/applications/ - ./installations/applications/
- ./installations/games/ - ./installations/games/
- ./installations/development/

21
installations/applications/helmfile.yaml
View File

@ -1,8 +1,6 @@
{{ readFile "../../common/templates.yaml" }}
bases: bases:
- ../../common/environments.yaml - ../../common/environments.yaml
- ../../common/templates.yaml
repositories: repositories:
- name: softplayer-oci - name: softplayer-oci
url: zot.badhouseplants.net/softplayer/helm url: zot.badhouseplants.net/softplayer/helm
@ -22,18 +20,16 @@ repositories:
url: https://charts.min.io/ url: https://charts.min.io/
- name: bedag - name: bedag
url: https://bedag.github.io/helm-charts/ url: https://bedag.github.io/helm-charts/
- name: grafana - name: grafana
url: https://grafana.github.io/helm-charts url: https://grafana.github.io/helm-charts
- name: bitnami - name: bitnami
url: https://charts.bitnami.com/bitnami url: https://charts.bitnami.com/bitnami
- name: allangers-charts - name: allangers-charts
url: ghcr.io/allanger/allangers-charts url: ghcr.io/allanger/allangers-charts
oci: true oci: true
- name: robjuz - name: robjuz
url: https://robjuz.github.io/helm-charts/ url: https://robjuz.github.io/helm-charts/
releases: releases:
- name: funkwhale - name: funkwhale
chart: ananace-charts/funkwhale chart: ananace-charts/funkwhale
namespace: applications namespace: applications
@ -42,7 +38,6 @@ releases:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
- template: ext-database - template: ext-database
- name: gitea - name: gitea
chart: gitea/gitea chart: gitea/gitea
version: 10.4.0 version: 10.4.0
@ -52,7 +47,6 @@ releases:
- template: default-env-secrets - template: default-env-secrets
- template: ext-database - template: ext-database
- template: ext-tcp-routes - template: ext-tcp-routes
- name: minio - name: minio
chart: minio-standalone/minio chart: minio-standalone/minio
version: 5.2.0 version: 5.2.0
@ -60,7 +54,6 @@ releases:
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
- name: nrodionov - name: nrodionov
chart: bitnami/wordpress chart: bitnami/wordpress
version: 23.1.7 version: 23.1.7
@ -70,7 +63,6 @@ releases:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
- template: ext-database - template: ext-database
- name: openvpn - name: openvpn
chart: allangers-charts/openvpn chart: allangers-charts/openvpn
version: 0.0.1 version: 0.0.1
@ -78,7 +70,6 @@ releases:
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: ext-tcp-routes - template: ext-tcp-routes
- name: vaultwarden - name: vaultwarden
chart: allangers-charts/vaultwarden chart: allangers-charts/vaultwarden
version: 2.2.0 version: 2.2.0
@ -87,7 +78,6 @@ releases:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
- template: ext-database - template: ext-database
- name: stalwart - name: stalwart
chart: allangers-charts/stalwart chart: allangers-charts/stalwart
version: 0.2.0 version: 0.2.0
@ -95,7 +85,6 @@ releases:
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: ext-tcp-routes - template: ext-tcp-routes
#- name: vaultwardentest #- name: vaultwardentest
# chart: allangers-charts/vaultwarden # chart: allangers-charts/vaultwarden
# version: 2.1.0 # version: 2.1.0
@ -103,7 +92,6 @@ releases:
# inherit: # inherit:
# - template: default-env-values # - template: default-env-values
# - template: default-env-secrets # - template: default-env-secrets
- name: shadowsocks-libev - name: shadowsocks-libev
chart: allangers-charts/shadowsocks-libev chart: allangers-charts/shadowsocks-libev
namespace: applications namespace: applications
@ -112,14 +100,12 @@ releases:
- template: default-env-secrets - template: default-env-secrets
- template: default-env-values - template: default-env-values
- template: ext-tcp-routes - template: ext-tcp-routes
- name: navidrome - name: navidrome
chart: allangers-charts/navidrome chart: allangers-charts/navidrome
namespace: applications namespace: applications
version: 0.1.0 version: 0.1.0
inherit: inherit:
- template: default-env-values - template: default-env-values
- name: grafana - name: grafana
chart: grafana/grafana chart: grafana/grafana
namespace: applications namespace: applications
@ -128,4 +114,3 @@ releases:
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets

8
installations/databases/helmfile.yaml
View File

@ -1,14 +1,11 @@
{{ readFile "../../common/templates.yaml" }}
bases: bases:
- ../../common/environments.yaml - ../../common/environments.yaml
- ../../common/templates.yaml
repositories: repositories:
- name: bitnami - name: bitnami
url: https://charts.bitnami.com/bitnami url: https://charts.bitnami.com/bitnami
- name: bedag - name: bedag
url: https://bedag.github.io/helm-charts/ url: https://bedag.github.io/helm-charts/
releases: releases:
- name: mariadb - name: mariadb
chart: bitnami/mariadb chart: bitnami/mariadb
@ -18,7 +15,6 @@ releases:
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
- name: redis - name: redis
chart: bitnami/redis chart: bitnami/redis
namespace: databases namespace: databases
@ -26,7 +22,6 @@ releases:
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
- name: postgres16 - name: postgres16
labels: labels:
bundle: postgres bundle: postgres
@ -36,7 +31,6 @@ releases:
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
- name: postgres16-gitea - name: postgres16-gitea
labels: labels:
bundle: postgres bundle: postgres

5
installations/development/helmfile.yaml
View File

@ -1,12 +1,9 @@
{{ readFile "../../common/templates.yaml" }}
bases: bases:
- ../../common/environments.yaml - ../../common/environments.yaml
- ../../common/templates.yaml
repositories: repositories:
- name: argo - name: argo
url: https://argoproj.github.io/argo-helm url: https://argoproj.github.io/argo-helm
releases: releases:
- name: badhouseplants - name: badhouseplants
namespace: platform namespace: platform

6
installations/games/helmfile.yaml
View File

@ -1,15 +1,11 @@
---
{{ readFile "../../common/templates.yaml" }}
bases: bases:
- ../../common/environments.yaml - ../../common/environments.yaml
- ../../common/templates.yaml
repositories: repositories:
- name: bedag - name: bedag
url: https://bedag.github.io/helm-charts/ url: https://bedag.github.io/helm-charts/
- name: minecraft - name: minecraft
url: https://itzg.github.io/minecraft-server-charts/ url: https://itzg.github.io/minecraft-server-charts/
releases: releases:
- name: minecraft - name: minecraft
chart: minecraft/minecraft chart: minecraft/minecraft

6
installations/monitoring/helmfile.yaml
View File

@ -1,15 +1,11 @@
{{ readFile "../../common/templates.yaml" }}
bases: bases:
- ../../common/environments.yaml - ../../common/environments.yaml
- ../../common/templates.yaml
repositories: repositories:
- name: bedag - name: bedag
url: https://bedag.github.io/helm-charts/ url: https://bedag.github.io/helm-charts/
- name: prometheus-community - name: prometheus-community
url: https://prometheus-community.github.io/helm-charts url: https://prometheus-community.github.io/helm-charts
releases: releases:
- name: prometheus - name: prometheus
chart: prometheus-community/kube-prometheus-stack chart: prometheus-community/kube-prometheus-stack

9
installations/pipelines/helmfile.yaml
View File

@ -1,16 +1,13 @@
{{ readFile "../../common/templates.yaml" }}
bases: bases:
- ../../common/environments.yaml - ../../common/environments.yaml
- ../../common/templates.yaml
repositories: repositories:
- name: woodpecker - name: woodpecker
url: https://woodpecker-ci.org url: https://woodpecker-ci.org
- name: renovate - name: renovate
url: https://docs.renovatebot.com/helm-charts url: https://docs.renovatebot.com/helm-charts
- name: bedag - name: bedag
url: https://bedag.github.io/helm-charts/ url: https://bedag.github.io/helm-charts/
releases: releases:
- name: woodpecker-ci - name: woodpecker-ci
chart: woodpecker/woodpecker chart: woodpecker/woodpecker
@ -20,7 +17,6 @@ releases:
- template: ext-database - template: ext-database
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
- name: renovate - name: renovate
chart: renovate/renovate chart: renovate/renovate
namespace: pipelines namespace: pipelines
@ -28,4 +24,3 @@ releases:
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets

25
installations/platform/helmfile.yaml
View File

@ -1,8 +1,6 @@
{{ readFile "../../common/templates.yaml" }}
bases: bases:
- ../../common/environments.yaml - ../../common/environments.yaml
- ../../common/templates.yaml
repositories: repositories:
- name: argo - name: argo
url: https://argoproj.github.io/argo-helm url: https://argoproj.github.io/argo-helm
@ -14,15 +12,14 @@ repositories:
url: https://bedag.github.io/helm-charts/ url: https://bedag.github.io/helm-charts/
- name: minio-standalone - name: minio-standalone
url: https://charts.min.io/ url: https://charts.min.io/
- name: minio - name: minio
url: https://operator.min.io/ url: https://operator.min.io/
- name: fluxcd-community - name: fluxcd-community
url: https://fluxcd-community.github.io/helm-charts url: https://fluxcd-community.github.io/helm-charts
- name: crossplane-stable - name: crossplane-stable
url: https://charts.crossplane.io/stable url: https://charts.crossplane.io/stable
- name: goauthentik - name: goauthentik
url: https://charts.goauthentik.io/ url: https://charts.goauthentik.io/
releases: releases:
- name: argocd - name: argocd
chart: argo/argo-cd chart: argo/argo-cd
@ -33,20 +30,17 @@ releases:
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
- name: flux - name: flux
chart: fluxcd-community/flux2 chart: fluxcd-community/flux2
namespace: platform namespace: platform
condition: workload.enabled condition: workload.enabled
version: 2.13.0 version: 2.13.0
installed: false installed: false
- name: db-operator - name: db-operator
namespace: platform namespace: platform
chart: db-operator/db-operator chart: db-operator/db-operator
condition: workload.enabled condition: workload.enabled
version: 1.29.0 version: 1.29.0
- name: db-instances - name: db-instances
chart: db-operator/db-instances chart: db-operator/db-instances
namespace: platform namespace: platform
@ -57,7 +51,6 @@ releases:
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
- name: zot - name: zot
chart: zot/zot chart: zot/zot
version: 0.1.60 version: 0.1.60
@ -68,7 +61,6 @@ releases:
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
- name: minio - name: minio
chart: minio-standalone/minio chart: minio-standalone/minio
version: 5.2.0 version: 5.2.0
@ -77,7 +69,6 @@ releases:
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
- name: minio-operator - name: minio-operator
chart: minio/operator chart: minio/operator
version: 6.0.3 version: 6.0.3
@ -86,7 +77,6 @@ releases:
condition: workload.enabled condition: workload.enabled
inherit: inherit:
- template: default-env-values - template: default-env-values
- name: minio-tenant - name: minio-tenant
chart: minio/tenant chart: minio/tenant
version: 6.0.3 version: 6.0.3
@ -97,17 +87,16 @@ releases:
- platform/minio-operator - platform/minio-operator
inherit: inherit:
- template: default-env-values - template: default-env-values
# - template: default-env-secrets
- name: crossplane - name: crossplane
# - template: default-env-secrets
chart: crossplane-stable/crossplane chart: crossplane-stable/crossplane
version: 1.17.0 version: 1.17.0
namespace: platform namespace: platform
condition: workload.enabled condition: workload.enabled
installed: false installed: true
inherit: inherit:
- template: default-env-values - template: default-env-values
- name: authentik - name: authentik
chart: goauthentik/authentik chart: goauthentik/authentik
version: 2024.8.1 version: 2024.8.1

10
installations/storage/helmfile.yaml
View File

@ -1,14 +1,11 @@
{{ readFile "../../common/templates.yaml" }}
bases: bases:
- ../../common/environments.yaml - ../../common/environments.yaml
- ../../common/templates.yaml
repositories: repositories:
- name: longhorn - name: longhorn
url: https://charts.longhorn.io url: https://charts.longhorn.io
- name: rook-release - name: rook-release
url: https://charts.rook.io/release url: https://charts.rook.io/release
releases: releases:
- name: rook-ceph - name: rook-ceph
chart: rook-release/rook-ceph chart: rook-release/rook-ceph
@ -17,7 +14,6 @@ releases:
version: v1.14.6 version: v1.14.6
inherit: inherit:
- template: default-env-values - template: default-env-values
- name: rook-ceph-cluster - name: rook-ceph-cluster
chart: rook-release/rook-ceph-cluster chart: rook-release/rook-ceph-cluster
installed: true installed: true
@ -27,7 +23,6 @@ releases:
- rook-ceph/rook-ceph - rook-ceph/rook-ceph
inherit: inherit:
- template: default-env-values - template: default-env-values
- name: longhorn - name: longhorn
chart: longhorn/longhorn chart: longhorn/longhorn
namespace: longhorn-system namespace: longhorn-system
@ -37,4 +32,3 @@ releases:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
- template: ext-secret - template: ext-secret

22
installations/system/helmfile.yaml
View File

@ -1,8 +1,6 @@
{{ readFile "../../common/templates.yaml" }}
bases: bases:
- ../../common/environments.yaml - ../../common/environments.yaml
- ../../common/templates.yaml
repositories: repositories:
- name: metrics-server - name: metrics-server
url: https://kubernetes-sigs.github.io/metrics-server/ url: https://kubernetes-sigs.github.io/metrics-server/
@ -20,11 +18,10 @@ repositories:
url: https://helm.cilium.io/ url: https://helm.cilium.io/
- name: bedag - name: bedag
url: https://bedag.github.io/helm-charts/ url: https://bedag.github.io/helm-charts/
- name: piraeus-charts - name: piraeus-charts
url: https://piraeus.io/helm-charts/ url: https://piraeus.io/helm-charts/
- name: vmware-tanzu - name: vmware-tanzu
url: https://vmware-tanzu.github.io/helm-charts/ url: https://vmware-tanzu.github.io/helm-charts/
releases: releases:
- name: namespaces - name: namespaces
chart: '{{ requiredEnv "PWD" }}/charts/namespaces/chart' chart: '{{ requiredEnv "PWD" }}/charts/namespaces/chart'
@ -32,7 +29,6 @@ releases:
createNamespace: false createNamespace: false
inherit: inherit:
- template: default-env-values - template: default-env-values
- name: roles - name: roles
chart: '{{ requiredEnv "PWD" }}/charts/roles' chart: '{{ requiredEnv "PWD" }}/charts/roles'
namespace: kube-public namespace: kube-public
@ -41,14 +37,12 @@ releases:
- kube-public/namespaces - kube-public/namespaces
inherit: inherit:
- template: default-env-values - template: default-env-values
- name: coredns - name: coredns
chart: coredns/coredns chart: coredns/coredns
version: 1.32.0 version: 1.32.0
namespace: kube-system namespace: kube-system
inherit: inherit:
- template: default-env-values - template: default-env-values
- name: snapshot-controller - name: snapshot-controller
chart: piraeus-charts/snapshot-controller chart: piraeus-charts/snapshot-controller
installed: true installed: true
@ -59,7 +53,6 @@ releases:
- kube-system/cilium - kube-system/cilium
inherit: inherit:
- template: crd-management-hook - template: crd-management-hook
- name: cilium - name: cilium
chart: cilium/cilium chart: cilium/cilium
version: 1.16.1 version: 1.16.1
@ -68,7 +61,6 @@ releases:
- kube-system/coredns - kube-system/coredns
inherit: inherit:
- template: default-env-values - template: default-env-values
- name: cert-manager - name: cert-manager
chart: jetstack/cert-manager chart: jetstack/cert-manager
version: 1.15.3 version: 1.15.3
@ -77,15 +69,13 @@ releases:
- kube-system/cilium - kube-system/cilium
inherit: inherit:
- template: default-env-values - template: default-env-values
- name: issuer - name: issuer
chart: '{{ requiredEnv "PWD" }}/charts/issuer' chart: '{{ requiredEnv "PWD" }}/charts/issuer'
namespace: kube-public namespace: kube-public
needs: needs:
- kube-system/cert-manager - kube-system/cert-manager
inherit: inherit:
- template: default-env-values - template: default-env-values
- name: metrics-server - name: metrics-server
chart: metrics-server/metrics-server chart: metrics-server/metrics-server
version: 3.12.1 version: 3.12.1
@ -94,7 +84,6 @@ releases:
- kube-system/cilium - kube-system/cilium
inherit: inherit:
- template: default-common-values - template: default-common-values
- name: metallb - name: metallb
chart: metallb/metallb chart: metallb/metallb
namespace: kube-system namespace: kube-system
@ -103,7 +92,6 @@ releases:
- kube-system/cilium - kube-system/cilium
inherit: inherit:
- template: default-env-values - template: default-env-values
- name: metallb-resources - name: metallb-resources
chart: bedag/raw chart: bedag/raw
version: 2.0.0 version: 2.0.0
@ -113,7 +101,6 @@ releases:
inherit: inherit:
- template: ext-metallb - template: ext-metallb
- template: default-env-values - template: default-env-values
- name: traefik - name: traefik
chart: traefik/traefik chart: traefik/traefik
version: 31.0.0 version: 31.0.0
@ -122,7 +109,6 @@ releases:
- kube-system/cilium - kube-system/cilium
inherit: inherit:
- template: default-env-values - template: default-env-values
- name: velero - name: velero
chart: vmware-tanzu/velero chart: vmware-tanzu/velero
namespace: kube-system namespace: kube-system

8
scripts/sops_check.sh Executable file
View File

@ -0,0 +1,8 @@
#!/usr/bin/env bash
set -e
for secrets in $(find . -type 'f' -name 'secrets.*');
do sops filestatus $secrets;
done | grep false && \
echo "There are unencrypted secrets in the repo" && exit 1 || \
exit 0

4
values/badhouseplants/values.crossplane.yaml
View File

@ -1,3 +1,3 @@
provider: provider:
packages: [] packages:
#- xpkg.upbound.io/upbound/provider-terraform:v0.17.0 - xpkg.upbound.io/crossplane-contrib/provider-kubernetes:v0.13.0