diff --git a/components/multi-platform-controller/production-downstream/stone-prod-p02/external-secrets.yaml b/components/multi-platform-controller/production-downstream/stone-prod-p02/external-secrets.yaml new file mode 100644 index 00000000000..30ca246f4d3 --- /dev/null +++ b/components/multi-platform-controller/production-downstream/stone-prod-p02/external-secrets.yaml @@ -0,0 +1,91 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: aws-ssh-key + namespace: multi-platform-controller + labels: + build.appstudio.redhat.com/multi-platform-secret: "true" + annotations: + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + argocd.argoproj.io/sync-wave: "-1" +spec: + dataFrom: + - extract: + key: production/build/multi-platform-controller/internal-prod-ssh-key + refreshInterval: 1h + secretStoreRef: + kind: ClusterSecretStore + name: appsre-stonesoup-vault + target: + creationPolicy: Owner + deletionPolicy: Delete + name: aws-ssh-key +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: aws-account + namespace: multi-platform-controller + labels: + build.appstudio.redhat.com/multi-platform-secret: "true" + annotations: + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + argocd.argoproj.io/sync-wave: "-1" +spec: + dataFrom: + - extract: + key: production/build/multi-platform-controller/internal-prod-aws-account + refreshInterval: 1h + secretStoreRef: + kind: ClusterSecretStore + name: appsre-stonesoup-vault + target: + creationPolicy: Owner + deletionPolicy: Delete + name: aws-account +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: internal-prod-ibm-ssh-key + namespace: multi-platform-controller + labels: + build.appstudio.redhat.com/multi-platform-secret: "true" + annotations: + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + argocd.argoproj.io/sync-wave: "-1" +spec: + dataFrom: + - extract: + key: production/build/multi-platform-controller/internal-prod-ibm-ssh-key + refreshInterval: 1h + secretStoreRef: + kind: ClusterSecretStore + name: appsre-stonesoup-vault + target: + creationPolicy: Owner + deletionPolicy: Delete + name: internal-prod-ibm-ssh-key +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: internal-prod-ibm-api-key + namespace: multi-platform-controller + labels: + build.appstudio.redhat.com/multi-platform-secret: "true" + annotations: + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + argocd.argoproj.io/sync-wave: "-1" +spec: + dataFrom: + - extract: + key: production/build/multi-platform-controller/internal-prod-ibm-api-key + refreshInterval: 1h + secretStoreRef: + kind: ClusterSecretStore + name: appsre-stonesoup-vault + target: + creationPolicy: Owner + deletionPolicy: Delete + name: internal-prod-ibm-api-key diff --git a/components/multi-platform-controller/production-downstream/stone-prod-p02/kustomization.yaml b/components/multi-platform-controller/production-downstream/stone-prod-p02/kustomization.yaml index 09d04d3bd2a..773e7970228 100644 --- a/components/multi-platform-controller/production-downstream/stone-prod-p02/kustomization.yaml +++ b/components/multi-platform-controller/production-downstream/stone-prod-p02/kustomization.yaml @@ -1,6 +1,22 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization + namespace: multi-platform-controller + resources: -- ../base +- ../../base/common - host-config.yaml +- external-secrets.yaml +- https://github.com/konflux-ci/multi-platform-controller/deploy/operator?ref=ec950d0cfb87bcfd6e3a79fc2b5ee40989126123 +- https://github.com/konflux-ci/multi-platform-controller/deploy/otp?ref=ec950d0cfb87bcfd6e3a79fc2b5ee40989126123 + +components: + - ../../k-components/manager-resources + +images: +- name: multi-platform-controller + newName: quay.io/konflux-ci/multi-platform-controller + newTag: ec950d0cfb87bcfd6e3a79fc2b5ee40989126123 +- name: multi-platform-otp-server + newName: quay.io/konflux-ci/multi-platform-controller-otp-service + newTag: ec950d0cfb87bcfd6e3a79fc2b5ee40989126123 \ No newline at end of file