From 64104de3cc6c3387cf0ebd7ca870531c2c1d757f Mon Sep 17 00:00:00 2001 From: Mateusz Urbanek Date: Tue, 13 Aug 2024 13:04:39 +0200 Subject: [PATCH] chore: move core apps back to manifests Signed-off-by: Mateusz Urbanek --- certificates/bitwarden-tls/CertManager.yaml | 67 ------------------- certificates/bitwarden-tls/kustomization.yaml | 4 -- .../lke/core/cert-manager/HelmRelease.yaml | 24 ------- .../lke/core/cert-manager/HelmRepository.yaml | 9 --- clusters/lke/core/cert-manager/Namespace.yaml | 5 -- .../external-secrets/CustomResources.yaml | 30 --------- .../core/external-secrets/HelmRelease.yaml | 25 ------- .../core/external-secrets/HelmRepository.yaml | 9 --- .../lke/core/external-secrets/Namespace.yaml | 5 -- .../lke/core/ingress-nginx/HelmRelease.yaml | 22 ------ .../core/ingress-nginx/HelmRepository.yaml | 9 --- secrets/bitwarden/ClusterSecretStore.yaml | 21 ------ secrets/bitwarden/kustomization.yaml | 4 -- 13 files changed, 234 deletions(-) delete mode 100644 certificates/bitwarden-tls/CertManager.yaml delete mode 100644 certificates/bitwarden-tls/kustomization.yaml delete mode 100644 clusters/lke/core/cert-manager/HelmRelease.yaml delete mode 100644 clusters/lke/core/cert-manager/HelmRepository.yaml delete mode 100644 clusters/lke/core/cert-manager/Namespace.yaml delete mode 100644 clusters/lke/core/external-secrets/CustomResources.yaml delete mode 100644 clusters/lke/core/external-secrets/HelmRelease.yaml delete mode 100644 clusters/lke/core/external-secrets/HelmRepository.yaml delete mode 100644 clusters/lke/core/external-secrets/Namespace.yaml delete mode 100644 clusters/lke/core/ingress-nginx/HelmRelease.yaml delete mode 100644 clusters/lke/core/ingress-nginx/HelmRepository.yaml delete mode 100644 secrets/bitwarden/ClusterSecretStore.yaml delete mode 100644 secrets/bitwarden/kustomization.yaml diff --git a/certificates/bitwarden-tls/CertManager.yaml b/certificates/bitwarden-tls/CertManager.yaml deleted file mode 100644 index 69cd9c7..0000000 --- a/certificates/bitwarden-tls/CertManager.yaml +++ /dev/null @@ -1,67 +0,0 @@ ---- -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: bitwarden-bootstrap-issuer -spec: - selfSigned: {} ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: bitwarden-bootstrap-certificate - namespace: cert-manager -spec: - # this is discouraged but required by ios - commonName: cert-manager-bitwarden-tls - isCA: true - secretName: bitwarden-tls-certs - subject: - organizations: - - external-secrets.io - dnsNames: - - external-secrets-bitwarden-sdk-server.default.svc.cluster.local - - bitwarden-sdk-server.default.svc.cluster.local - - localhost - ipAddresses: - - 127.0.0.1 - - ::1 - privateKey: - algorithm: RSA - encoding: PKCS8 - size: 2048 - issuerRef: - name: bitwarden-bootstrap-issuer - kind: ClusterIssuer - group: cert-manager.io ---- -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: bitwarden-certificate-issuer -spec: - ca: - secretName: bitwarden-tls-certs ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: bitwarden-tls-certs - namespace: external-secrets -spec: - secretName: bitwarden-tls-certs - dnsNames: - - bitwarden-sdk-server.default.svc.cluster.local - - external-secrets-bitwarden-sdk-server.default.svc.cluster.local - - localhost - ipAddresses: - - 127.0.0.1 - - ::1 - privateKey: - algorithm: RSA - encoding: PKCS8 - size: 2048 - issuerRef: - name: bitwarden-certificate-issuer - kind: ClusterIssuer - group: cert-manager.io diff --git a/certificates/bitwarden-tls/kustomization.yaml b/certificates/bitwarden-tls/kustomization.yaml deleted file mode 100644 index 4295788..0000000 --- a/certificates/bitwarden-tls/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: -- ./CertManager.yaml diff --git a/clusters/lke/core/cert-manager/HelmRelease.yaml b/clusters/lke/core/cert-manager/HelmRelease.yaml deleted file mode 100644 index 0d9a6f9..0000000 --- a/clusters/lke/core/cert-manager/HelmRelease.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: cert-manager - namespace: cert-manager -spec: - chart: - spec: - chart: cert-manager - reconcileStrategy: ChartVersion - sourceRef: - kind: HelmRepository - name: jetstack - version: "v1.15.2" - interval: 1m0s - releaseName: cert-manager - targetNamespace: cert-manager - install: - crds: CreateReplace - upgrade: - crds: CreateReplace - values: - installCRDs: true diff --git a/clusters/lke/core/cert-manager/HelmRepository.yaml b/clusters/lke/core/cert-manager/HelmRepository.yaml deleted file mode 100644 index aa6afee..0000000 --- a/clusters/lke/core/cert-manager/HelmRepository.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -apiVersion: source.toolkit.fluxcd.io/v1 -kind: HelmRepository -metadata: - name: jetstack - namespace: cert-manager -spec: - interval: 5m0s - url: https://charts.jetstack.io diff --git a/clusters/lke/core/cert-manager/Namespace.yaml b/clusters/lke/core/cert-manager/Namespace.yaml deleted file mode 100644 index 6bc19f4..0000000 --- a/clusters/lke/core/cert-manager/Namespace.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: cert-manager diff --git a/clusters/lke/core/external-secrets/CustomResources.yaml b/clusters/lke/core/external-secrets/CustomResources.yaml deleted file mode 100644 index 392103d..0000000 --- a/clusters/lke/core/external-secrets/CustomResources.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: certificates-bitwarden-tls - namespace: external-secrets -spec: - interval: 1m - sourceRef: - kind: GitRepository - name: flux-system - namespace: flux-system - path: "./certificates/bitwarden-tls" - prune: true - timeout: 10m ---- -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: secrets-bitwarden - namespace: external-secrets -spec: - interval: 1m - sourceRef: - kind: GitRepository - name: flux-system - namespace: flux-system - path: "./secrets/bitwarden" - prune: true - timeout: 10m diff --git a/clusters/lke/core/external-secrets/HelmRelease.yaml b/clusters/lke/core/external-secrets/HelmRelease.yaml deleted file mode 100644 index 00a56f6..0000000 --- a/clusters/lke/core/external-secrets/HelmRelease.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: external-secrets - namespace: external-secrets -spec: - chart: - spec: - chart: external-secrets - reconcileStrategy: ChartVersion - sourceRef: - kind: HelmRepository - name: external-secrets - version: "0.10.0" - interval: 1m0s - releaseName: external-secrets - targetNamespace: external-secrets - install: - crds: CreateReplace - upgrade: - crds: CreateReplace - values: - bitwarden-sdk-server: - enabled: true diff --git a/clusters/lke/core/external-secrets/HelmRepository.yaml b/clusters/lke/core/external-secrets/HelmRepository.yaml deleted file mode 100644 index ba85e47..0000000 --- a/clusters/lke/core/external-secrets/HelmRepository.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -apiVersion: source.toolkit.fluxcd.io/v1 -kind: HelmRepository -metadata: - name: external-secrets - namespace: external-secrets -spec: - interval: 5m0s - url: https://charts.external-secrets.io diff --git a/clusters/lke/core/external-secrets/Namespace.yaml b/clusters/lke/core/external-secrets/Namespace.yaml deleted file mode 100644 index 591aac5..0000000 --- a/clusters/lke/core/external-secrets/Namespace.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: external-secrets diff --git a/clusters/lke/core/ingress-nginx/HelmRelease.yaml b/clusters/lke/core/ingress-nginx/HelmRelease.yaml deleted file mode 100644 index 1348d3b..0000000 --- a/clusters/lke/core/ingress-nginx/HelmRelease.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: ingress-nginx - namespace: kube-system -spec: - chart: - spec: - chart: ingress-nginx - reconcileStrategy: ChartVersion - sourceRef: - kind: HelmRepository - name: ingress-nginx - version: "4.11.1" - interval: 1m0s - releaseName: ingress-nginx - targetNamespace: kube-system - install: - crds: CreateReplace - upgrade: - crds: CreateReplace diff --git a/clusters/lke/core/ingress-nginx/HelmRepository.yaml b/clusters/lke/core/ingress-nginx/HelmRepository.yaml deleted file mode 100644 index fb0b46d..0000000 --- a/clusters/lke/core/ingress-nginx/HelmRepository.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -apiVersion: source.toolkit.fluxcd.io/v1 -kind: HelmRepository -metadata: - name: ingress-nginx - namespace: kube-system -spec: - interval: 5m0s - url: https://kubernetes.github.io/ingress-nginx diff --git a/secrets/bitwarden/ClusterSecretStore.yaml b/secrets/bitwarden/ClusterSecretStore.yaml deleted file mode 100644 index df8b2fe..0000000 --- a/secrets/bitwarden/ClusterSecretStore.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -apiVersion: external-secrets.io/v1beta1 -kind: ClusterSecretStore -metadata: - name: bitwarden-secretsmanager - namespace: external-secrets -spec: - provider: - bitwardensecretsmanager: - apiURL: https://vault.bitwarden.com - identityURL: https://identity.bitwarden.com - auth: - secretRef: - credentials: - name: bitwarden - namespace: kube-system - key: token - bitwardenServerSDKURL: https://bitwarden-sdk-server.default.svc.cluster.local:9998 - caBundle: '' - organizationID: 554098a1-1b76-4d11-89d1-b1c500b11b2e - projectID: 2728ee07-5f6d-4c5c-97d8-b1c500b28bb9 diff --git a/secrets/bitwarden/kustomization.yaml b/secrets/bitwarden/kustomization.yaml deleted file mode 100644 index 716e185..0000000 --- a/secrets/bitwarden/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: -- ./ClusterSecretStore.yaml