diff --git a/xactfetch/kustomization.yaml b/xactfetch/kustomization.yaml index cae0001..1e452ed 100644 --- a/xactfetch/kustomization.yaml +++ b/xactfetch/kustomization.yaml @@ -17,6 +17,9 @@ configMapGenerator: - name: xactfetch envs: - xactfetch.env +- name: xactfetch-secrets + files: + - secrets.toml - name: xactfetch-rbw files: - config.json=rbw-config.json diff --git a/xactfetch/secrets.toml b/xactfetch/secrets.toml new file mode 100644 index 0000000..f1c918f --- /dev/null +++ b/xactfetch/secrets.toml @@ -0,0 +1,29 @@ +['firefly.token'] +exec = 'rbw get xactfetch' + +['firefly.import.secret'] +path = '/run/secrets/xactfetch/firefly-import.secret' + +['firefly.import.username'] +string = 'svc.xactfetch' + +['firefly.import.password'] +path = '/run/secrets/xactfetch/firefly-import.password' + +['bank.commerce.username'] +string = 'admiraln3mo' + +['bank.commerce.password'] +exec = '''rbw get --folder Websites 'Commerce Bank' admiraln3mo''' + +['bank.commerce.otp'] +exec = '''rbw code --folder Websites 'Commerce Bank' admiraln3mo''' + +['bank.chase.username'] +string = 'AdmiralN3mo' + +['bank.chase.password'] +exec = '''rbw get --folder Websites Chase AdmiralN3mo''' + +['bank.chase.otp'] +exec = 'chase2fa' diff --git a/xactfetch/xactfetch.yaml b/xactfetch/xactfetch.yaml index 757cfa4..ec52d55 100644 --- a/xactfetch/xactfetch.yaml +++ b/xactfetch/xactfetch.yaml @@ -44,9 +44,6 @@ spec: securityContext: readOnlyRootFilesystem: true volumeMounts: - - mountPath: /etc/rbw - name: xactfetch-rbw - readOnly: true - mountPath: /run/secrets/xactfetch name: xactfetch-secrets readOnly: true @@ -56,6 +53,9 @@ spec: - mountPath: /var/lib/xactfetch name: xactfetch-data subPath: data + - mountPath: /var/lib/xactfetch/.config/rbw + name: xactfetch-rbw + readOnly: true containers: - name: xactfetch image: git.pyrocufflink.net/packages/xactfetch @@ -67,9 +67,6 @@ spec: securityContext: readOnlyRootFilesystem: true volumeMounts: - - mountPath: /etc/rbw - name: xactfetch-rbw - readOnly: true - mountPath: /run/secrets/xactfetch name: xactfetch-secrets readOnly: true @@ -79,6 +76,13 @@ spec: - mountPath: /var/lib/xactfetch name: xactfetch-data subPath: data + - mountPath: /var/lib/xactfetch/.config/rbw + name: xactfetch-rbw + readOnly: true + - mountPath: /var/lib/xactfetch/secrets.toml + name: xactfetch-secrets-config + subPath: secrets.toml + readOnly: true nodeSelector: kubernetes.io/arch: amd64 securityContext: @@ -94,6 +98,9 @@ spec: - name: xactfetch-rbw configMap: name: xactfetch-rbw + - name: xactfetch-secrets-config + configMap: + name: xactfetch-secrets - name: xactfetch-secrets secret: secretName: xactfetch @@ -145,9 +152,6 @@ spec: securityContext: readOnlyRootFilesystem: true volumeMounts: - - mountPath: /etc/rbw - name: xactfetch-rbw - readOnly: true - mountPath: /run/secrets/xactfetch name: xactfetch-secrets readOnly: true @@ -157,6 +161,9 @@ spec: - mountPath: /var/lib/xactfetch name: xactfetch-data subPath: data + - mountPath: /var/lib/xactfetch/.config/rbw + name: xactfetch-rbw + readOnly: true containers: - name: xactfetch image: git.pyrocufflink.net/packages/xactfetch @@ -168,9 +175,6 @@ spec: securityContext: readOnlyRootFilesystem: true volumeMounts: - - mountPath: /etc/rbw - name: xactfetch-rbw - readOnly: true - mountPath: /run/secrets/xactfetch name: xactfetch-secrets readOnly: true @@ -180,6 +184,13 @@ spec: - mountPath: /var/lib/xactfetch name: xactfetch-data subPath: data + - mountPath: /var/lib/xactfetch/.config/rbw + name: xactfetch-rbw + readOnly: true + - mountPath: /var/lib/xactfetch/secrets.toml + name: xactfetch-secrets-config + subPath: secrets.toml + readOnly: true nodeSelector: kubernetes.io/arch: amd64 securityContext: @@ -195,6 +206,9 @@ spec: - name: xactfetch-rbw configMap: name: xactfetch-rbw + - name: xactfetch-secrets-config + configMap: + name: xactfetch-secrets - name: xactfetch-secrets secret: secretName: xactfetch