Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ruslanguns/ruso-platform
https://github.com/ruslanguns/ruso-platform
Last synced: 7 days ago
JSON representation
- Host: GitHub
- URL: https://github.com/ruslanguns/ruso-platform
- Owner: ruslanguns
- Created: 2023-04-30T18:14:04.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2024-01-28T19:38:57.000Z (10 months ago)
- Last Synced: 2024-05-28T17:08:30.391Z (6 months ago)
- Language: Dockerfile
- Size: 486 KB
- Stars: 0
- Watchers: 2
- Forks: 0
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Ruso Platform - A GitOps Repository with FluxCD
## Requirements
- FLUXCD
- SOPS
- KUBECTL
- KUSTOMIZE
- GPG
## How to use SOPS
More information https://fluxcd.io/flux/guides/mozilla-sops/
### SOPS - Import Public Key
```bash
gpg --import ./clusters/{cluster-name}/.sops.pub.asc
```
### SOPS - Configuration file
```yaml
cat < ./clusters/{cluster-name}/.sops.yaml
creation_rules:
- path_regex: .*.yaml
encrypted_regex: ^(data|stringData)$
pgp: ${KEY_FP}
EOF
```
> make sure to replace `${KEY_FP}` with the fingerprint of the public key and `{cluser-name}` with the name of the cluster
### SOPS - Encrypt secret
> Make sure you have a configuration file: `./clusters/{cluster-name}/.sops.yaml`
```bash
sops --config clusters/{cluster-name}/.sops.yaml --encrypt --in-place /path/to/secret.yaml
```
> Make sure you have a proper written Secret Manifest before encrypting the file since based on the configuration file
> the encrypted fields should be `data` or `stringData`
### SOPS - Add decryption to Kustomization
```yam
decryption:
provider: sops
secretRef:
name: sops-gpg
```