konstructio · CristhianF7 · Jul 18, 2024 · Jul 17, 2024 · Jul 17, 2024 · Jul 17, 2024
diff --git a/akamai-github/registry/environments/development/docker-config.yaml b/akamai-github/registry/environments/development/docker-config.yaml
@@ -0,0 +1,21 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: development-docker-config
+spec:
+  refreshInterval: 10s
+  secretStoreRef:
+    name: vault-kv-secret
+    kind: ClusterSecretStore
+  target:
+    template:
+      type: kubernetes.io/dockerconfigjson
+      data:
+        .dockerconfigjson: "{{ .dockerconfig | toString }}"
+    name: docker-config
+    creationPolicy: Owner
+  data:
+    - secretKey: "dockerconfig"
+      remoteRef:
+        property: dockerconfig
+        key: dockerconfigjson
diff --git a/akamai-github/registry/environments/development/metaphor.yaml b/akamai-github/registry/environments/development/metaphor.yaml
@@ -14,7 +14,7 @@ spec:
     path: registry/environments/development/metaphor
     targetRevision: HEAD
   destination:
-    name: <WORKLOAD_CLUSTER_NAME>
+    name: in-cluster
     namespace: development
   syncPolicy:
     automated:

diff --git a/akamai-github/registry/environments/development/metaphor/values.yaml b/akamai-github/registry/environments/development/metaphor/values.yaml
@@ -29,8 +29,8 @@ metaphor:
     host: https://metaphor-development.<DOMAIN_NAME>/api
     console: https://kubefirst.<DOMAIN_NAME>
 
-  clusterSecretStoreName: <WORKLOAD_CLUSTER_NAME>-vault-kv-secret
-  vaultSecretPath: <WORKLOAD_CLUSTER_NAME>/metaphor
+  clusterSecretStoreName: vault-kv-secret
+  vaultSecretPath: development/metaphor
   configs:
-    configOne: <WORKLOAD_CLUSTER_NAME>-config-one
-    configTwo: <WORKLOAD_CLUSTER_NAME>-config-two
+    configOne: development-config-one
+    configTwo: development-config-two
diff --git a/akamai-github/registry/environments/production/docker-config.yaml b/akamai-github/registry/environments/production/docker-config.yaml
@@ -0,0 +1,21 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: production-docker-config
+spec:
+  refreshInterval: 10s
+  secretStoreRef:
+    name: vault-kv-secret
+    kind: ClusterSecretStore
+  target:
+    template:
+      type: kubernetes.io/dockerconfigjson
+      data:
+        .dockerconfigjson: "{{ .dockerconfig | toString }}"
+    name: docker-config
+    creationPolicy: Owner
+  data:
+    - secretKey: "dockerconfig"
+      remoteRef:
+        property: dockerconfig
+        key: dockerconfigjson
diff --git a/akamai-github/registry/environments/production/metaphor.yaml b/akamai-github/registry/environments/production/metaphor.yaml
@@ -6,15 +6,15 @@ metadata:
   finalizers:
     - resources-finalizer.argocd.argoproj.io
   annotations:
-    argocd.argoproj.io/sync-wave: '45'
+    argocd.argoproj.io/sync-wave: "45"
 spec:
   project: default
   source:
     repoURL: <GITOPS_REPO_URL>
     path: registry/environments/production/metaphor
     targetRevision: HEAD
   destination:
-    name: <WORKLOAD_CLUSTER_NAME>
+    name: in-cluster
     namespace: production
   syncPolicy:
     automated:

diff --git a/akamai-github/registry/environments/production/metaphor/values.yaml b/akamai-github/registry/environments/production/metaphor/values.yaml
@@ -29,8 +29,8 @@ metaphor:
     host: https://metaphor-production.<DOMAIN_NAME>/api
     console: https://kubefirst.<DOMAIN_NAME>
 
-  clusterSecretStoreName: <WORKLOAD_CLUSTER_NAME>-vault-kv-secret
-  vaultSecretPath: <WORKLOAD_CLUSTER_NAME>/metaphor
+  clusterSecretStoreName: vault-kv-secret
+  vaultSecretPath: production/metaphor
   configs:
-    configOne: <WORKLOAD_CLUSTER_NAME>-config-one
-    configTwo: <WORKLOAD_CLUSTER_NAME>-config-two
+    configOne: production-config-one
+    configTwo: production-config-two
diff --git a/akamai-github/registry/environments/staging/docker-config.yaml b/akamai-github/registry/environments/staging/docker-config.yaml
@@ -0,0 +1,21 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: staging-docker-config
+spec:
+  refreshInterval: 10s
+  secretStoreRef:
+    name: vault-kv-secret
+    kind: ClusterSecretStore
+  target:
+    template:
+      type: kubernetes.io/dockerconfigjson
+      data:
+        .dockerconfigjson: "{{ .dockerconfig | toString }}"
+    name: docker-config
+    creationPolicy: Owner
+  data:
+    - secretKey: "dockerconfig"
+      remoteRef:
+        property: dockerconfig
+        key: dockerconfigjson
diff --git a/akamai-github/registry/environments/staging/metaphor.yaml b/akamai-github/registry/environments/staging/metaphor.yaml
@@ -14,7 +14,7 @@ spec:
     path: registry/environments/staging/metaphor
     targetRevision: HEAD
   destination:
-    name: <WORKLOAD_CLUSTER_NAME>
+    name: in-cluster
     namespace: staging
   syncPolicy:
     automated:

diff --git a/akamai-github/registry/environments/staging/metaphor/values.yaml b/akamai-github/registry/environments/staging/metaphor/values.yaml
@@ -29,8 +29,8 @@ metaphor:
     host: https://metaphor-staging.<DOMAIN_NAME>/api
     console: https://kubefirst.<DOMAIN_NAME>
 
-  clusterSecretStoreName: <WORKLOAD_CLUSTER_NAME>-vault-kv-secret
-  vaultSecretPath: <WORKLOAD_CLUSTER_NAME>/metaphor
+  clusterSecretStoreName: vault-kv-secret
+  vaultSecretPath: staging/metaphor
   configs:
-    configOne: <WORKLOAD_CLUSTER_NAME>-config-one
-    configTwo: <WORKLOAD_CLUSTER_NAME>-config-two
+    configOne: staging-config-one
+    configTwo: staging-config-two
diff --git a/akamai-github/templates/mgmt/components/kubefirst/console.yaml b/akamai-github/templates/mgmt/components/kubefirst/console.yaml
@@ -9,7 +9,7 @@ spec:
   project: default
   source:
     repoURL: https://charts.kubefirst.com
-    targetRevision: 2.4.12
+    targetRevision: 2.4.13
     chart: kubefirst
     helm:
       values: |-

diff --git a/akamai-github/templates/mgmt/development.yaml b/akamai-github/templates/mgmt/development.yaml
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: development
+  namespace: argocd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+  annotations:
+    argocd.argoproj.io/sync-wave: '60'
+spec:
+  project: default
+  source:
+    repoURL: <GITOPS_REPO_URL>
+    path: registry/environments/development
+    targetRevision: HEAD
+  destination:
+    name: in-cluster
+    namespace: development
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
diff --git a/akamai-github/templates/mgmt/production.yaml b/akamai-github/templates/mgmt/production.yaml
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: production
+  namespace: argocd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+  annotations:
+    argocd.argoproj.io/sync-wave: '60'
+spec:
+  project: default
+  source:
+    repoURL: <GITOPS_REPO_URL>
+    path: registry/environments/production
+    targetRevision: HEAD
+  destination:
+    name: in-cluster
+    namespace: production
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
diff --git a/akamai-github/templates/mgmt/staging.yaml b/akamai-github/templates/mgmt/staging.yaml
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: staging
+  namespace: argocd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+  annotations:
+    argocd.argoproj.io/sync-wave: '60'
+spec:
+  project: default
+  source:
+    repoURL: <GITOPS_REPO_URL>
+    path: registry/environments/staging
+    targetRevision: HEAD
+  destination:
+    name: in-cluster
+    namespace: staging
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
diff --git a/aws-github/registry/environments/development/docker-config.yaml b/aws-github/registry/environments/development/docker-config.yaml
@@ -0,0 +1,21 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: development-docker-config
+spec:
+  refreshInterval: 10s
+  secretStoreRef:
+    name: vault-kv-secret
+    kind: ClusterSecretStore
+  target:
+    template:
+      type: kubernetes.io/dockerconfigjson
+      data:
+        .dockerconfigjson: "{{ .dockerconfig | toString }}"
+    name: docker-config
+    creationPolicy: Owner
+  data:
+    - secretKey: "dockerconfig"
+      remoteRef:
+        property: dockerconfig
+        key: dockerconfigjson
diff --git a/aws-github/registry/environments/development/metaphor.yaml b/aws-github/registry/environments/development/metaphor.yaml
@@ -14,7 +14,7 @@ spec:
     path: registry/environments/development/metaphor
     targetRevision: HEAD
   destination:
-    name: <WORKLOAD_CLUSTER_NAME>
+    name: in-cluster
     namespace: development
   syncPolicy:
     automated:

diff --git a/aws-github/registry/environments/development/metaphor/values.yaml b/aws-github/registry/environments/development/metaphor/values.yaml
@@ -11,7 +11,10 @@ metaphor:
     className: nginx
     enabled: true
     annotations:
-      cert-manager.io/cluster-issuer: 'letsencrypt-prod'
+      <CERT_MANAGER_ISSUER_ANNOTATION_1>
+      <CERT_MANAGER_ISSUER_ANNOTATION_2>
+      <CERT_MANAGER_ISSUER_ANNOTATION_3>
+      <CERT_MANAGER_ISSUER_ANNOTATION_4>
       nginx.ingress.kubernetes.io/service-upstream: "true"
     hosts:
       - host: metaphor-development.<DOMAIN_NAME>
@@ -26,8 +29,8 @@ metaphor:
     host: https://metaphor-development.<DOMAIN_NAME>/api
     console: https://kubefirst.<DOMAIN_NAME>
 
-  clusterSecretStoreName: <WORKLOAD_CLUSTER_NAME>-vault-kv-secret
-  vaultSecretPath: <WORKLOAD_CLUSTER_NAME>/metaphor
+  clusterSecretStoreName: vault-kv-secret
+  vaultSecretPath: development/metaphor
   configs:
-    configOne: <WORKLOAD_CLUSTER_NAME>-config-one
-    configTwo: <WORKLOAD_CLUSTER_NAME>-config-two
+    configOne: development-config-one
+    configTwo: development-config-two
diff --git a/aws-github/registry/environments/production/docker-config.yaml b/aws-github/registry/environments/production/docker-config.yaml
@@ -0,0 +1,21 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: production-docker-config
+spec:
+  refreshInterval: 10s
+  secretStoreRef:
+    name: vault-kv-secret
+    kind: ClusterSecretStore
+  target:
+    template:
+      type: kubernetes.io/dockerconfigjson
+      data:
+        .dockerconfigjson: "{{ .dockerconfig | toString }}"
+    name: docker-config
+    creationPolicy: Owner
+  data:
+    - secretKey: "dockerconfig"
+      remoteRef:
+        property: dockerconfig
+        key: dockerconfigjson
diff --git a/aws-github/registry/environments/production/metaphor.yaml b/aws-github/registry/environments/production/metaphor.yaml
@@ -6,15 +6,15 @@ metadata:
   finalizers:
     - resources-finalizer.argocd.argoproj.io
   annotations:
-    argocd.argoproj.io/sync-wave: '45'
+    argocd.argoproj.io/sync-wave: "45"
 spec:
   project: default
   source:
     repoURL: <GITOPS_REPO_URL>
     path: registry/environments/production/metaphor
     targetRevision: HEAD
   destination:
-    name: <WORKLOAD_CLUSTER_NAME>
+    name: in-cluster
     namespace: production
   syncPolicy:
     automated:

diff --git a/aws-github/registry/environments/production/metaphor/values.yaml b/aws-github/registry/environments/production/metaphor/values.yaml
@@ -11,7 +11,10 @@ metaphor:
     className: nginx
     enabled: true
     annotations:
-      cert-manager.io/cluster-issuer: 'letsencrypt-prod'
+      <CERT_MANAGER_ISSUER_ANNOTATION_1>
+      <CERT_MANAGER_ISSUER_ANNOTATION_2>
+      <CERT_MANAGER_ISSUER_ANNOTATION_3>
+      <CERT_MANAGER_ISSUER_ANNOTATION_4>
       nginx.ingress.kubernetes.io/service-upstream: "true"
     hosts:
       - host: metaphor-production.<DOMAIN_NAME>
@@ -26,8 +29,8 @@ metaphor:
     host: https://metaphor-production.<DOMAIN_NAME>/api
     console: https://kubefirst.<DOMAIN_NAME>
 
-  clusterSecretStoreName: <WORKLOAD_CLUSTER_NAME>-vault-kv-secret
-  vaultSecretPath: <WORKLOAD_CLUSTER_NAME>/metaphor
+  clusterSecretStoreName: vault-kv-secret
+  vaultSecretPath: production/metaphor
   configs:
-    configOne: <WORKLOAD_CLUSTER_NAME>-config-one
-    configTwo: <WORKLOAD_CLUSTER_NAME>-config-two
+    configOne: production-config-one
+    configTwo: production-config-two
diff --git a/aws-github/registry/environments/staging/docker-config.yaml b/aws-github/registry/environments/staging/docker-config.yaml
@@ -0,0 +1,21 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: staging-docker-config
+spec:
+  refreshInterval: 10s
+  secretStoreRef:
+    name: vault-kv-secret
+    kind: ClusterSecretStore
+  target:
+    template:
+      type: kubernetes.io/dockerconfigjson
+      data:
+        .dockerconfigjson: "{{ .dockerconfig | toString }}"
+    name: docker-config
+    creationPolicy: Owner
+  data:
+    - secretKey: "dockerconfig"
+      remoteRef:
+        property: dockerconfig
+        key: dockerconfigjson
diff --git a/aws-github/registry/environments/staging/metaphor.yaml b/aws-github/registry/environments/staging/metaphor.yaml
@@ -14,7 +14,7 @@ spec:
     path: registry/environments/staging/metaphor
     targetRevision: HEAD
   destination:
-    name: <WORKLOAD_CLUSTER_NAME>
+    name: in-cluster
     namespace: staging
   syncPolicy:
     automated: