From 51d13f1c898d3cf16283f788e6684fd760f3fffe Mon Sep 17 00:00:00 2001 From: Steffen Illium Date: Wed, 27 Mar 2024 17:05:11 +0100 Subject: [PATCH] move dashboard, add sealed secrets --- .../base/kube-dashboard-rolebinding.yaml | 0 .../base/kube-dashboard-serviceaccount.yaml | 0 .../base/kube-dashboard-ui-ingress.yaml | 0 .../base/kube-dashboard-user-secret.yaml | 3 +++ .../kube-dashboard}/kustomization.yaml | 0 .../patches/dashboard-insecure-access.yaml | 0 .../patches/dashboard-insecure-service.yaml | 0 infrastructure/06-sealed-secrets/kustomization.yaml | 11 +++++++++++ 8 files changed, 14 insertions(+) rename {infrastructure/06-kube-dashboard => apps/kube-dashboard}/base/kube-dashboard-rolebinding.yaml (100%) rename {infrastructure/06-kube-dashboard => apps/kube-dashboard}/base/kube-dashboard-serviceaccount.yaml (100%) rename {infrastructure/06-kube-dashboard => apps/kube-dashboard}/base/kube-dashboard-ui-ingress.yaml (100%) rename {infrastructure/06-kube-dashboard => apps/kube-dashboard}/base/kube-dashboard-user-secret.yaml (58%) rename {infrastructure/06-kube-dashboard => apps/kube-dashboard}/kustomization.yaml (100%) rename {infrastructure/06-kube-dashboard => apps/kube-dashboard}/patches/dashboard-insecure-access.yaml (100%) rename {infrastructure/06-kube-dashboard => apps/kube-dashboard}/patches/dashboard-insecure-service.yaml (100%) create mode 100644 infrastructure/06-sealed-secrets/kustomization.yaml diff --git a/infrastructure/06-kube-dashboard/base/kube-dashboard-rolebinding.yaml b/apps/kube-dashboard/base/kube-dashboard-rolebinding.yaml similarity index 100% rename from infrastructure/06-kube-dashboard/base/kube-dashboard-rolebinding.yaml rename to apps/kube-dashboard/base/kube-dashboard-rolebinding.yaml diff --git a/infrastructure/06-kube-dashboard/base/kube-dashboard-serviceaccount.yaml b/apps/kube-dashboard/base/kube-dashboard-serviceaccount.yaml similarity index 100% rename from infrastructure/06-kube-dashboard/base/kube-dashboard-serviceaccount.yaml rename to apps/kube-dashboard/base/kube-dashboard-serviceaccount.yaml diff --git a/infrastructure/06-kube-dashboard/base/kube-dashboard-ui-ingress.yaml b/apps/kube-dashboard/base/kube-dashboard-ui-ingress.yaml similarity index 100% rename from infrastructure/06-kube-dashboard/base/kube-dashboard-ui-ingress.yaml rename to apps/kube-dashboard/base/kube-dashboard-ui-ingress.yaml diff --git a/infrastructure/06-kube-dashboard/base/kube-dashboard-user-secret.yaml b/apps/kube-dashboard/base/kube-dashboard-user-secret.yaml similarity index 58% rename from infrastructure/06-kube-dashboard/base/kube-dashboard-user-secret.yaml rename to apps/kube-dashboard/base/kube-dashboard-user-secret.yaml index faffec2..546a142 100644 --- a/infrastructure/06-kube-dashboard/base/kube-dashboard-user-secret.yaml +++ b/apps/kube-dashboard/base/kube-dashboard-user-secret.yaml @@ -1,3 +1,6 @@ +# Create long-live bearer token +# retrieve with: `kubectl get secret dashboard-user -n kubernetes-dashboard -o jsonpath={".data.token"} | base64 -d` + apiVersion: v1 kind: Secret metadata: diff --git a/infrastructure/06-kube-dashboard/kustomization.yaml b/apps/kube-dashboard/kustomization.yaml similarity index 100% rename from infrastructure/06-kube-dashboard/kustomization.yaml rename to apps/kube-dashboard/kustomization.yaml diff --git a/infrastructure/06-kube-dashboard/patches/dashboard-insecure-access.yaml b/apps/kube-dashboard/patches/dashboard-insecure-access.yaml similarity index 100% rename from infrastructure/06-kube-dashboard/patches/dashboard-insecure-access.yaml rename to apps/kube-dashboard/patches/dashboard-insecure-access.yaml diff --git a/infrastructure/06-kube-dashboard/patches/dashboard-insecure-service.yaml b/apps/kube-dashboard/patches/dashboard-insecure-service.yaml similarity index 100% rename from infrastructure/06-kube-dashboard/patches/dashboard-insecure-service.yaml rename to apps/kube-dashboard/patches/dashboard-insecure-service.yaml diff --git a/infrastructure/06-sealed-secrets/kustomization.yaml b/infrastructure/06-sealed-secrets/kustomization.yaml new file mode 100644 index 0000000..c306ec4 --- /dev/null +++ b/infrastructure/06-sealed-secrets/kustomization.yaml @@ -0,0 +1,11 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: sealed-secrets + +helmCharts: +- name: sealed-secrets + includeCRDs: true + version: 2.15.2 + repo: https://bitnami-labs.github.io/sealed-secrets + # valuesFile: base/values.yaml