diff --git a/postgresql/kustomization.yaml b/postgresql/kustomization.yaml index 505fc03..608888f 100644 --- a/postgresql/kustomization.yaml +++ b/postgresql/kustomization.yaml @@ -5,6 +5,7 @@ namespace: postgresql resources: - namespace.yaml +- secrets.yaml - operatorconfiguration.crd.yaml - postgresteam.crd.yaml - postgresql-operator-configuration.yaml @@ -13,18 +14,6 @@ resources: - api-service.yaml - default-cluster.yaml -secretGenerator: -- name: ssh-auth - files: - - ssh-backup.key - options: - disableNameSuffixHash: true -- name: pod-secrets - envs: - - pod.secrets - options: - disableNameSuffixHash: true - configMapGenerator: - name: pod-env envs: diff --git a/postgresql/secrets.yaml b/postgresql/secrets.yaml new file mode 100644 index 0000000..8e8427b --- /dev/null +++ b/postgresql/secrets.yaml @@ -0,0 +1,45 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: ssh-auth + namespace: postgresql + labels: + app.kubernetes.io/name: postgresql + app.kubernetes.io/component: postgresql + app.kubernetes.io/instance: postgresql + app.kubernetes.io/part-of: postgresql +spec: + encryptedData: + ssh-backup.key: AgCCfWJXzgJOem21xF6/acHZlHrM6oP6f1o48Ub/B0DVn+F8ShDMBBUajivjl3bCE/aFm0Gtnexv3Kgw5QbCRMj8Hidjj1t046qboZ6DOKU6N8Z2QK4LdMWDztGBHqcokjkuU3bvCTRzkLf4+51KJDYfq3zXbJjBdt5j1wgpiQ5gV0EDXukihG2yuJ1xG53joFVve/GrOQ87anMAqJXKLQZ3r2fVM+A0GbJXyXPiUF6+8zgFXskPb2FOceZmNprHSRLPJTuRfO6N90g3ypXC3ewsamNqNfMxRfDM6lH/50KXfBfZsTHL/UHlcWEfAmL/Tw1MxYqZ43hOE7ZPIyKdl1xGHaQNRopGWuDnYaCVcuRN3nFzVicvQXNqSUnG+aRFemuc/N60MZxtG6eTnJ6Cihvcx6OFkJoT41CZWO2y3gFA4oUWWfBQeyLTTYe0Y/2Za8T9gwSUddMG7Ly4e/l78uqD2gY7iBLBCiH5NZ9vy3mm0Wuk28Sk0TGn3IZBJcTOeGoOhUPqHuy67f9uKffYSpoX5CD18olB0vZyCyFPJW11Js5ASmrJwT/tU4g3kgQpICVaJkrLBYnPweI0jmfUqx5GeAEvz2jfFadghGSRip1CNZ7DKTriEpO7sUkWIYl6piVDZUpDbT8y2blIbrMbonvr1IQ2HJrtG8ZSBC+x9gFMbZNjKnWAaYgzUTtVLBNIorcdrA1u7UgQzdgTtMsTqCnx1/AnYwAG6U5P1xDtww9GC+xDGYppHIux6hl5re8aUhDpi1SktryZnST+qzLfll/8867dgK4Pj4JJ/uPGtRbD4vfiMGnsnj56DOh8WJpYAWuaAOYpZvT8o9MpdLzV0KM0E69v8NfSLWYWmrofaQIxEx6ta5YospN8dEaeduWMNAFFbQ+vLx+K4cTL6puopdHp/krVbygzd8Oea1yRRWQ1QbpaQW7Lm2Wad9X0sskg33PRG2PI17ctlf9O/3Vyn+NAZaaRaWJObdtTWWZCy/5+6q6UGmM3hNxXhuHW9Si46oGKtyJtLGlJN8CNyOjjSbUCCUqmk5H90pw+iI5bYiQRnS8mdyul7PACCA+2JJPZ3Bcbz2KHt/GZx9AOgQaffp4zpy86GLWuQ50250asHN1T2+XYa773joi/ShPIGrxREfrrVxi6LGvFJMn32f7/WvVZpeF/AG5rlLHurrWkNty7jfvNb5dW5WxhBFPcfkipyb4lDAGe4MKfoFjQZ7RqjniL4hd96w5cb9Gn4ks= + template: + metadata: + name: ssh-auth + namespace: postgresql + labels: + app.kubernetes.io/name: postgresql + app.kubernetes.io/component: postgresql + app.kubernetes.io/part-of: postgresql + +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: pod-secrets + namespace: postgresql + labels: + app.kubernetes.io/name: postgresql + app.kubernetes.io/component: postgresql + app.kubernetes.io/instance: postgresql + app.kubernetes.io/part-of: postgresql +spec: + encryptedData: + pod.secrets: AgBbimCXtzoWjx7OJipclzaHjZ6KS2QUoZMLE/74ktdex6yuzYytKsb03Te3+FzhXxB3YO4vfV+QL/ZaAXPRGwBJm3Zd4Ya7fC5yb70qBZRov2WdteouujTqcDzXGGTN+Vpbq+oY1tk52Kxg9XtLKWj5Q/UZkVZvRgGZDriDHYuthesFON4Fgqv/cszsrRz+cdtpLXwixEsMAOuw6waDA9LiVeOlsQohyakR4YRCbXEUQtt4xvQU/yCbVAatOcjcir7ie17zt+RKUM7EAkP1WJITrRpajNNLhMvhJSCno2Hq8XrecCQ97ekwCYuY+Za1x8MT4H+AkYwrQGahKgTll0u2/G5hyvY0Gr+E0v2uB/tUfLgYWaE3jb9lmCz8XpP3gB26ccugLYHhDEupLnBLo9zQuNeOOZfXg+NLaZ8FyP0McEDQiZTWEXp6tXU4rjV05fmBvUUj66IJFOIeo8K3IWvIZHgrczWm0WauF9101GgJ6KAss1zZ3t9VBsAqJzSqbTbRZ7AJ+eOGHTJeyDddkq7NRL6xnbPvGTIBo5zrVNF2RpD8IPdGyf2Ll9ChMUWVmieic3t+haqAVXPhTD41zHl/BT4JXLjMxDw0EceeeTA09m3jNrDmJ56znrTsknvUIV5/DXAJPzv7vAnLk3p28R0fGGRLk3Gz9yT3uOpUOxRQ0cQLsda1XEW82soGyMl+Ow08v2nJRNWAtzOLHadF38sMlIBHCx3IZtf+PyeoF+2IS6sGX4OE5Y++py/OGpAcngixRsHD0SOeoIH6pRhjvpKarbdDkS/04SEL4/jQl3MPQmAfNzPJ8JqI+Ho= + template: + metadata: + name: pod-secrets + namespace: postgresql + labels: + app.kubernetes.io/name: postgresql + app.kubernetes.io/component: postgresql + app.kubernetes.io/part-of: postgresql