added test for new kpt (sops should be taken from my branch - see REA…

…DME.md)

packages/test_newkpt1.0_1/Kptfile

@@ -0,0 +1,14 @@
+apiVersion: kpt.dev/v1alpha2
+kind: Kptfile
+metadata:
+  name: newkpt
+info:
+  description: sample description
+pipeline:
+  mutators:
+    - image: gcr.io/kpt-fn/apply-setters:unstable
+      configPath: fnSecretSubstitutions.yaml
+  validators:
+    - image: gcr.io/kpt-fn/kubeval:v0.1
+      configMap:
+        strict: "true"

packages/test_newkpt1.0_1/README.md

@@ -0,0 +1,35 @@
+# newkpt
+
+## Description
+sample description
+
+## Usage
+
+### Fetch the package
+`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] newkpt`
+Details: https://kpt.dev/reference/cli/pkg/get/
+
+### View package content
+`kpt pkg tree newkpt`
+Details: https://kpt.dev/reference/cli/pkg/tree/
+
+### Decrypt and render the package
+```
+kpt fn eval --image gcr.io/kpt-fn-contrib/sops:unstable --fn-config fnDecrypt.yaml --include-meta-resources --image-pull-policy ifNotPresent
+kpt fn render
+```
+
+Note: `--image-pull-policy ifNotPresent` is needed only because we're using image from [this branch](https://github.com/aodinokov/kpt-functions-catalog/tree/allParams)
+
+### Apply the package
+```
+kpt live init newkpt
+kpt live apply newkpt --reconcile-timeout=2m --output=table
+```
+Details: https://kpt.dev/reference/cli/live/
+
+### Encrypt and render the package before merging changes to git
+```
+kpt fn eval --image gcr.io/kpt-fn-contrib/sops:unstable --fn-config fnEncrypt.yaml --include-meta-resources --image-pull-policy ifNotPresent
+kpt fn render
+```

packages/test_newkpt1.0_1/deployment.yaml

@@ -0,0 +1,33 @@
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: my-nginx
+spec:
+  replicas: 4
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+        - name: nginx
+          image: 'ENC[AES256_GCM,data:bE/Qzjs=,iv:gdJr0PlSR1srbySRQUBpr/W41qJ3L87G0Bjcp5ZM5+Y=,tag:ubHbnNdY9TgQCAFbxIze9A==,type:str]:ENC[AES256_GCM,data:psZabnIh,iv:brcDfNyBOrtrmpQktpXVlUacCD7U3s0Co6Ev2fpp2qs=,tag:2h3XywRGSpZEa+cDBmubRg==,type:str]' # kpt-set: ${image}:${tag}
+          ports:
+            - protocol: TCP
+              containerPort: 80

packages/test_newkpt1.0_1/fnDecrypt.yaml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: decrypt-config
+data:
+  cmd: decrypt
+  cmd-extra-params-json-path-filter: '$[?(@.metadata.name=="keys")]'

packages/test_newkpt1.0_1/fnEncrypt.yaml

@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: encrypt-config
+data:
+  cmd: encrypt
+  cmd-extra-params-json-path-filter: '$[?(@.metadata.name=="keys")]'
+  cmd-json-path-filter: '$[?(@.metadata.name=="SecretSubstitutions")]'
+  unencrypted-regex: ^(kind|apiVersion|group|metadata)$

packages/test_newkpt1.0_1/fnSecretSubstitutions.yaml

@@ -0,0 +1,27 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: SecretSubstitutions
+data:
+  image: 'ENC[AES256_GCM,data:bE/Qzjs=,iv:gdJr0PlSR1srbySRQUBpr/W41qJ3L87G0Bjcp5ZM5+Y=,tag:ubHbnNdY9TgQCAFbxIze9A==,type:str]'
+  tag: 'ENC[AES256_GCM,data:psZabnIh,iv:brcDfNyBOrtrmpQktpXVlUacCD7U3s0Co6Ev2fpp2qs=,tag:2h3XywRGSpZEa+cDBmubRg==,type:str]'
+sops:
+  age:
+    - enc: |
+        -----BEGIN AGE ENCRYPTED FILE-----
+        YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1cVcrQmNzcDZSdHNsVUhS
+        eFk4aWhaS2VHazhCd1M3U0hURWVZMmpSWXlNCnppZW13eUI4Vk4wSDZiR2w1dTNi
+        VUR0WThFdWxjT1dVMExaVGRGNllZaUkKLS0tIDFxSWxZaVUwYVJXZGlINWVDWmtO
+        Y1NyMUU0VmhhYlVqREZuVzVaQy9YS1UKkScjqqGOaLSld9pwo2HDpLCUMbAXB3IX
+        ox3K+l5v/RIsNKO+0p+a7n8ooSyyrt/zzdpbHFHHZCax+g5Fh+vWGA==
+        -----END AGE ENCRYPTED FILE-----
+      recipient: age1yt3tfqlfrwdwx0z0ynwplcr6qxcxfaqycuprpmy89nr83ltx74tqdpszlw
+  azure_kv: []
+  gcp_kms: []
+  hc_vault: []
+  kms: []
+  lastmodified: '2021-06-16T17:14:28Z'
+  mac: 'ENC[AES256_GCM,data:HeLsbPt0zbiQ52zVjO6gQuHaeypG7fMuMjdIQ4A8J6EytGa05ALyEo1MRWIBeXLNLNMMOwr5UXYjCk4A1IuLx6Jrt/opUWGAMPdpKKdIjmXMadMxvcOcIJ/XMX3prb1AB7/jc4eS7idNsa9AKAw1QmsSqxNqyStJr1huWTlXMgA=,iv:nmnaPGqll0gc4lqgPq26hTJmUneq/4u5vwkHck9uD6Y=,tag:nhPLsxrV0MB6o9vjmpgnaA==,type:str]'
+  pgp: []
+  unencrypted_regex: ^(kind|apiVersion|group|metadata)$
+  version: 3.7.1

packages/test_newkpt1.0_1/keys.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: keys
+  annotations:
+    config.kubernetes.io/local-config: 'true'
+data:
+  age: age1yt3tfqlfrwdwx0z0ynwplcr6qxcxfaqycuprpmy89nr83ltx74tqdpszlw
+  cmd-import-age: |
+    # created: 2020-07-18T03:16:47-07:00
+    # public key: age1yt3tfqlfrwdwx0z0ynwplcr6qxcxfaqycuprpmy89nr83ltx74tqdpszlw
+    AGE-SECRET-KEY-1NJT5YCS2LWU4V4QAJQ6R4JNU7LXPDX602DZ9NUFANVU5GDTGUWCQ5T59M6

packages/test_newkpt1.0_1/svc.yaml

@@ -0,0 +1,26 @@
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v1
+kind: Service
+metadata:
+  name: my-nginx-svc
+  labels:
+    app: nginx
+spec:
+  type: LoadBalancer
+  selector:
+    app: nginx
+  ports:
+    - protocol: TCP
+      port: 80