The `xactfetch` script now uses a helper tool, `secretsocket`, to handle looking up secrets. This tool supports various secret source types, including files, environment variables, and external commands. Separating this functionality out of the main script makes it a lot more flexible and pluggable. Its main purpose, though, was actually to allow `xactfetch` to run in a container while communicating with `rbw` outside that container, specifically for development purposes.

The `secretsocket` tool reads its configuration from a TOML document. This document defines the secrets the tool handles, and how to look them up.

Note that the `xactfetch` container image no longer defines the `XDG_CONFIG_HOME` environment variable, as it uses Chromium instead of Firefox now, and the former does not work with a read-only config directory. As such, we have to mount the `rbw` configuration in the default location.
26 lines
408 B
YAML
```yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

namespace: firefly-iii

labels:
- pairs:
    app.kubernetes.io/instance: xactfetch
  includeSelectors: true

resources:
- pvc.yaml
- xactfetch.yaml
- secrets.yaml

configMapGenerator:
- name: xactfetch
  envs:
  - xactfetch.env
- name: xactfetch-secrets
  files:
  - secrets.toml
- name: xactfetch-rbw
  files:
  - config.json=rbw-config.json
```