From 2be8c296d2c2377dbd0dfdd4c2c4591a8737a099 Mon Sep 17 00:00:00 2001
From: Junaid Ahmed
Date: Thu, 14 Sep 2023 21:19:54 +0100
Subject: [PATCH] feat(secret-copy): Add secret copy functionality
---
.github/workflows/secrets-copy.yaml | 26 ++++++++++++++++++++
.gitignore | 5 ++++
README.md | 37 ++++++++++++++++++++++++++++-
3 files changed, 67 insertions(+), 1 deletion(-)
create mode 100644 .github/workflows/secrets-copy.yaml
create mode 100644 .gitignore
diff --git a/.github/workflows/secrets-copy.yaml b/.github/workflows/secrets-copy.yaml
new file mode 100644
index 0000000..eaf5057
--- /dev/null
+++ b/.github/workflows/secrets-copy.yaml
@@ -0,0 +1,26 @@
+name: "Copy Secrets to other projects"
+
+on:
+ workflow_dispatch:
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: jpoehnelt/secrets-sync-action@67585549a2f812eef2bcd8f5f7aeefbfbfe76326
+ with:
+ SECRETS: |
+ ^OCI_.*
+ REPOSITORIES: |
+ ^poly-glot/question-time$
+ DRY_RUN: false
+ GITHUB_TOKEN: ${{ secrets.PERSONAL_GITHUB_TOKEN_CLASSIC }}
+ CONCURRENCY: 10
+ env:
+ OCI_CLI_USER: ${{ secrets.OCI_CLI_USER }}
+ OCI_CLI_TENANCY: ${{ secrets.OCI_CLI_TENANCY }}
+ OCI_CLI_FINGERPRINT: ${{ secrets.OCI_CLI_FINGERPRINT }}
+ OCI_CLI_KEY_CONTENT: ${{ secrets.OCI_CLI_KEY_CONTENT }}
+ OCI_CLI_REGION: ${{ secrets.OCI_CLI_REGION }}
+ OCI_COMPARTMENT_OCID: ${{ secrets.OCI_COMPARTMENT_OCID }}
+ OCI_AUTH_TOKEN: ${{ secrets.OCI_AUTH_TOKEN }}
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..efa75ec
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,5 @@
+.idea/
+.env
+node_modules/
+*.log
+.DS_Store
diff --git a/README.md b/README.md
index 44a583e..d31ec5a 100644
--- a/README.md
+++ b/README.md
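Review bot: The new `.github/workflows/secrets-copy.yaml` has no `permissions:` block, so the job that handles the personal access token and every `OCI_*` secret also runs with the repository's default automatic-token permissions. The step supplies its own token through the `GITHUB_TOKEN:` input, so a top-level `permissions: {}` would remove them at no cost. That input is a classic token (`PERSONAL_GITHUB_TOKEN_CLASSIC`), which is presumably valid for every repository the account can reach rather than only `poly-glot/question-time`; a fine-grained token restricted to the target repository and its secrets permission would limit what a leak exposes, if the action accepts one. Because `^OCI_.*` also matches `OCI_CLI_KEY_CONTENT`, a comment above `SECRETS:` such as `# copies the OCI API signing key and auth token; rotate them in every target repository together` would record that each copy is another place the key can leak from.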
@@ -1 +1,36 @@
-# personal-cloud
\ No newline at end of file
+# personal-cloud
+The cloud setup relies on a Kubernetes cluster hosted on Oracle Cloud and facilitates the synchronization of crucial
+secrets across my various personal projects.
+
+## System requirements
+You’ll want to ensure you have the following already installed on your local machine before getting started:
+* [Docker](https://docs.docker.com/get-docker/)
+* [kubectl](https://kubernetes.io/docs/tasks/tools/)
+
+## Setup Instructions
+1. Clone/Fork this repository
+2. Setup following secrets by visiting Setting -> Secrets and variables -> Actions
+```
+PERSONAL_GITHUB_TOKEN_CLASSIC
+OCI_CLI_USER
+OCI_CLI_TENANCY
+OCI_CLI_FINGERPRINT
+OCI_CLI_KEY_CONTENT
+OCI_CLI_REGION
+OCI_COMPARTMENT_OCID
+OCI_AUTH_TOKEN
+```
+
+**Note:**
+- [Click here](https://github.com/settings/tokens) to create Github classic tokens (PERSONAL_GITHUB_TOKEN_CLASSIC).
+- [Click here](https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/terraformproviderconfiguration.htm#ariaid-title3) to follow OCI API Key Authentication ((Useful Information)[https://docs.oracle.com/en-us/iaas/Content/API/Concepts/apisigningkey.htm#Required_Keys_and_OCIDs])
+- [Finding the OCID of a Compartment](https://docs.oracle.com/en-us/iaas/Content/GSG/Tasks/contactingsupport_topic-Finding_the_OCID_of_a_Compartment.htm) - ((Direct Link)[https://cloud.oracle.com/identity/compartments?region=uk-london-1])
+
+## Access Oracle Docker Registry Locally
+- Find Region ID from [Availability Zones](https://docs.oracle.com/en-us/iaas/Content/Registry/Concepts/registryprerequisites.htm#regional-availability).
For example UK South London id is "lhr"
+- Find Tenancy Namespace Id (or aka Object storage namespace) - https://cloud.oracle.com/identity/compartments?region=uk-london-1
+- Generate Auth token - https://cloud.oracle.com/identity/compartments?region=uk-london-1
+```shell
+docker login {region-id}.ocir.io --username={tenancy-namespace}/oracleidentitycloudservice/{email}
+```
+- Provide Auth token when prompted for password.