Skip to content

Commit

Permalink
Move secrets away from the helm
Browse files Browse the repository at this point in the history
  • Loading branch information
ManInWeb3 authored and heyjustarooni committed Sep 14, 2022
1 parent 3c84e14 commit 3a54d73
Show file tree
Hide file tree
Showing 7 changed files with 54 additions and 213 deletions.
5 changes: 0 additions & 5 deletions charts/release-watch/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -24,8 +24,3 @@ version: 0.1.1
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "main"

dependencies:
- name: external-secrets
version: 0.5.9
repository: https://charts.external-secrets.io
4 changes: 4 additions & 0 deletions charts/release-watch/templates/additional-manifests.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
{{ range .Values.additionalManifests }}
---
{{ tpl (toYaml .) $ }}
{{ end }}
8 changes: 6 additions & 2 deletions charts/release-watch/templates/configmap.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,10 @@ apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Chart.Name }}
labels:
{{- include "release_watch.labels" . | nindent 4 }}
data:
repos.yml: |
{{ .Values.repos | nindent 4 }}
{{- if .Values.repos }}
repos.yml: |-
{{ tpl .Values.repos . | nindent 4 }}
{{- end }}
14 changes: 0 additions & 14 deletions charts/release-watch/templates/external_secret.yaml

This file was deleted.

20 changes: 0 additions & 20 deletions charts/release-watch/templates/secret_store.yaml

This file was deleted.

212 changes: 42 additions & 170 deletions charts/release-watch/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -23,174 +23,46 @@ serviceAccount:
# If not set and create is true, a name is generated using the fullname template
name: "release-watch"

env:
- name: GH_USERNAME
valueFrom:
secretKeyRef:
name: release-watch
key: GH_USERNAME
optional: false
- name: GH_TOKEN
valueFrom:
secretKeyRef:
name: release-watch
key: GH_TOKEN
optional: false
- name: DISCORD_TOKEN
valueFrom:
secretKeyRef:
name: release-watch
key: DISCORD_TOKEN
optional: false
env: []
# - name: GH_USERNAME
# valueFrom:
# secretKeyRef:
# name: release-watch
# key: GH_USERNAME
# optional: false
# - name: GH_TOKEN
# valueFrom:
# secretKeyRef:
# name: release-watch
# key: GH_TOKEN
# optional: false
# - name: DISCORD_TOKEN
# valueFrom:
# secretKeyRef:
# name: release-watch
# key: DISCORD_TOKEN
# optional: false

repos: |
algorand:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/algorand/go-algorand
arweave:
channels:
- 931305730080915526
- 1008823719273177178
critical: false
repo: https://github.com/ArweaveTeam/arweave
avalanche:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/ava-labs/avalanchego
binance:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/binance-exchange/binance-api-node
bitcoin:
channels:
- 931305730080915526
- 1008823719273177178
critical: false
repo: https://github.com/bitcoin/bitcoin
boba:
channels:
- 931305730080915526
- 1008823719273177178
critical: false
repo: https://github.com/bobanetwork/boba
dogechain:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/dogechain-lab/dogechain
ethereum:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/ethereum/go-ethereum
erigon:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/ledgerwatch/erigon
evmos:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/tharsis/evmos
fantom:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/Fantom-foundation/go-opera
fuse:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/fuseio/fuse-network
harmony:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/harmony-one/harmony
iotex:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/iotexproject/iotex-core
klaytn:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/klaytn/klaytn
moonbeam:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/PureStake/moonbeam
moonriver:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/PureStake/moonbeam
near:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/near/nearcore
okex:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/okex/exchain
optimism:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/ethereum-optimism/optimism
osmosis:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/osmosis-labs/osmosis
pocket:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/pokt-network/pocket-core/releases
polygon:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/maticnetwork/bor
solana:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/solana-labs/solana
test:
channels:
- 931305730080915526
- 1008823719273177178
critical: true
repo: https://github.com/pokt-foundation/node-watch-test
additionalManifests: []
# - apiVersion: external-secrets.io/v1beta1
# kind: ExternalSecret
# metadata:
# name: release-watch
# spec:
# refreshInterval: "15s"
# secretStoreRef:
# name: vault-backend
# kind: SecretStore
# target:
# name: release-watch
# dataFrom:
# - extract:
# key: prod

repos: "" # |
# algorand:
# channels:
# - 931305730080915526
# - 1008823719273177178
# critical: true
# repo: https://github.com/algorand/go-algorand
4 changes: 2 additions & 2 deletions ct.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,6 @@ remote: origin
target-branch: master
chart-dirs:
- charts
chart-repos:
- external-secrets=https://charts.external-secrets.io
# chart-repos:
# - external-secrets=https://charts.external-secrets.io
helm-extra-args: --timeout 600s

0 comments on commit 3a54d73

Please sign in to comment.