move ext sec to sec ns

spiceratops · Jun 8, 2024 · 3c93493 · 3c93493
1 parent 6dd27fb
commit 3c93493
Show file tree

Hide file tree

Showing 8 changed files with 21 additions and 21 deletions.
diff --git a/...tem/external-secrets/app/helmrelease.yaml → ...ity/external-secrets/app/helmrelease.yaml b/...tem/external-secrets/app/helmrelease.yaml → ...ity/external-secrets/app/helmrelease.yaml
@@ -3,7 +3,7 @@ apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
   name: external-secrets
-  namespace: kube-system
+  namespace: security
 spec:
   interval: 30m
   timeout: 15m

diff --git a/...m/external-secrets/app/kustomization.yaml → ...y/external-secrets/app/kustomization.yaml b/...m/external-secrets/app/kustomization.yaml → ...y/external-secrets/app/kustomization.yaml
@@ -1,6 +1,6 @@
 ---
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
-namespace: kube-system
+namespace: security
 resources:
   - ./helmrelease.yaml
diff --git a/...apps/kube-system/external-secrets/ks.yaml → ...es/apps/security/external-secrets/ks.yaml b/...apps/kube-system/external-secrets/ks.yaml → ...es/apps/security/external-secrets/ks.yaml
@@ -5,11 +5,11 @@ metadata:
   name: &appname external-secrets
   namespace: flux-system
 spec:
-  targetNamespace: kube-system
+  targetNamespace: security
   commonMetadata:
     labels:
       app.kubernetes.io/name: *appname
-  path: ./kubernetes/apps/kube-system/external-secrets/app
+  path: ./kubernetes/apps/security/external-secrets/app
   prune: false
   sourceRef:
     kind: GitRepository
@@ -25,13 +25,13 @@ metadata:
   name: &appname external-secrets-stores
   namespace: flux-system
 spec:
-  targetNamespace: kube-system
+  targetNamespace: security
   commonMetadata:
     labels:
       app.kubernetes.io/name: *appname
   dependsOn:
     - name: external-secrets
-  path: ./kubernetes/apps/kube-system/external-secrets/stores
+  path: ./kubernetes/apps/security/external-secrets/stores
   prune: false
   sourceRef:
     kind: GitRepository

diff --git a/.../stores/1password/clustersecretstore.yaml → .../stores/1password/clustersecretstore.yaml b/.../stores/1password/clustersecretstore.yaml → .../stores/1password/clustersecretstore.yaml
@@ -3,16 +3,16 @@ apiVersion: external-secrets.io/v1beta1
 kind: ClusterSecretStore
 metadata:
   name: onepassword-connect
-  namespace: kube-system
+  namespace: security
 spec:
   provider:
     onepassword:
-      connectHost: http://onepassword-connect.kube-system.svc.cluster.local:8080
+      connectHost: http://onepassword-connect.security.svc.cluster.local:8080
       vaults:
         sc-secrets: 1
       auth:
         secretRef:
           connectTokenSecretRef:
             name: onepassword-connect-secret
             key: token
-            namespace: kube-system
+            namespace: security
diff --git a/...secrets/stores/1password/helmrelease.yaml → ...secrets/stores/1password/helmrelease.yaml b/...secrets/stores/1password/helmrelease.yaml → ...secrets/stores/1password/helmrelease.yaml
@@ -3,7 +3,7 @@ apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
   name: onepassword-connect
-  namespace: kube-system
+  namespace: security
 spec:
   interval: 30m
   timeout: 15m
@@ -16,7 +16,7 @@ spec:
         name: 1password-charts
         namespace: flux-system
   values:
-    namespace: kube-system
+    namespace: security
     connect:
       credentialsName: onepassword-connect-secret
       credentialsKey: 1password-credentials.json

diff --git a/...crets/stores/1password/kustomization.yaml → ...crets/stores/1password/kustomization.yaml b/...crets/stores/1password/kustomization.yaml → ...crets/stores/1password/kustomization.yaml
@@ -1,7 +1,7 @@
 ---
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
-namespace: kube-system
+namespace: security
 resources:
   - ./secret.sops.yaml
   - ./helmrelease.yaml

diff --git a/...secrets/stores/1password/secret.sops.yaml → ...secrets/stores/1password/secret.sops.yaml b/...secrets/stores/1password/secret.sops.yaml → ...secrets/stores/1password/secret.sops.yaml
@@ -2,7 +2,7 @@ apiVersion: v1
 kind: Secret
 metadata:
     name: onepassword-connect-secret
-    namespace: kube-system
+    namespace: security
 stringData:
     1password-credentials.json: ENC[AES256_GCM,data:/i2ByL+eX5evCHU5eIXbkbDfI6cp6MrAlcf9HP1IR+MKhUsUl8UDI13gKHbBSW+np2irt9h8NExrRAgKNOQJfPU79I/VRLnyuz9Z0nullP49gb6iiN8K97wqsKoNt3BG4aXKUabm9sZA+2COCn5MZL8v9/vdkbQ/68pInR6PHHRdcuLFZ77ZeHLSVyT7mjEy3Vb6N1azbxDme+Pv7sHsts0eM3bYlNZ1don2wdxRo8H1zC3tvu0aBBF789W1ardqwhdu2UdB8aiasewJvFcPJ/gOJW9e/NPqymyqR59iZBarO427g2kTVrH70qMJszKsAkxnXZuxTmsol5wR9cWdcM5rn9E79xigrGacZ4SNE8FAMNMj1kmPTt7mXh44G+no/Zj4JWATPGmMO2Cv/2swk0QUBy21PNF6moDlAFqcPjvqT+U2tRupScRd8BG/qOeKFUBDg8P53yZfC46gVOMq4HE3PPGdDWwe1PZ0uV6FIt38mxg0Haf7Iqzi+GQECXMUZaqoX1mdqA2Q9IplhMZZsX8PYYlq8krHqfl+zw8I2DjI63Mo07bf4iFkjMxFccnnn5UG+i4a9XSZJeSGMRUCD1VzRddhTzquWjKVSQtBbThtOecXNsL5kudoW7+KtyLuPHSceiycdwYtwpJ6lS/U+UzZTYgvp+TT8z4MNsDZ7HiUfaSuyj8J8QunC5vlx/QcmNhIYQaSLPM5rkPeVG5ldp/yc8bogFSM/sQx3MQFy6qXoonrOyjA3aylN+lQrNZhwqPCBBeOPpGqNteihOPwkRgApS3hO0WGF5/O6y/ztnQvFIHdXmER6Nn0n74889Tj/9GLVPoHKq6gM9txjC/0r7q7l8kXOV5X4fHBK6dnRnSqRuohjhLAkoH53c7jo1VT//mN05jBEuFhHnKPt43RnjIBV+FUshnbENju2k70fjT6yrf4dAvevaUrm6Qm1vZLAS5dZd4Fps8LBmhsVyZJZW/+VMLOxzgPWGH6UTCKncMc6uwcAHZdKb7mfS/LTeZ9wndW1lVNoAmWKk5sxTpwOxDPDBHQaroX/0beEnYVMXjpk5eyCfmy+Rq+WxfjglEwuEjBgW9niXNoIQjosb7H5RnWZb8UVMsBXPb4lXy9tmoz7Pz0r71iHumMu5oduDgyGNuTnFsC4tc6GbRuQabmQ5zLaHURq6ALNEOmyUMYTBLJ2SiKwG78mVpxY/rzlZbBXhgDNLZykJa+kmDFXQXFFVM55a2GwWqhiyVTE6bjp/EeMF8kLFBZ+6c/OvE2vJMsVuxKlQVrUoMeRGyqUrwRxLPyWN+TPTIXt2xjrPfNU6GDQHXZZ141YNC84GXPtkJFwIdsUw9a5ih8HTi+SwIy0OdZKyei0o+vyL5fD+ZVikM1n7OlHst/0+3CZx2qUTW4txpwogGri4/duMevIWwnqtdnctI1U8Y68UfXFXLH1s0DYh9nnprHfTZcbJq2eQYJDi4TjfooEzPaYO3rreVRvptsVQecVCPDksn9xxWLMVNJWECgeBp7uWO2gr+GUdp5JGq2W25Xu0au8HJESYknm1MeowZxZJ7UYp/Ri9Ad4Vmu/bnvTQsUKA5Z8AzkrleLojtmdv0Wzz/nr2qrXKtdu1vgqugfReVYn+nAoOfNxlJfb38XTUhVVt7AVdfkuwUH4NsAOktqJjhCgNPjjrL5r2kq36jIF190/2+K186/q3ZDqCzi85LdrMPmKMrTS6v9nPfa9baCWsw7G30cWUsgjSSEZyKFk5z6e/+b+UeW5ykUODXqDjArL74kYtAEpfb/v311QpY1/+M0hNGDelzYdInccv/3wbfoRlbaZtx+OlctmuLIU2HH2L39Y0QcrnuokF2B/umlw0HS8xsKJBHwg5vcfoh3BYBYc5Ud80tfpaRlXj1PGJPsHDdF1TRCqDXe0WEhpmLkUgfm3RCP,iv:DTaBUwRJw9RqUlzZ5w42GVL5tSdW9Ajb0r5rQph5TTQ=,tag:nX0NLkt+skQb6OvfU8+iUg==,type:str]
     token: ENC[AES256_GCM,data:tZh5HVKORV6bOlmPecoc/DTWH8sngxGfIzKRn8H2li013ZqHqTKota96XNswvr8Jn1tiIiXJTFjpeWzty7U8wbyskL9vFG80AULNjPxk8y2SMMr9ucLLmQRbnaOkInshgld49wVmtll3HabGPkGoupYmNisMKwo179n6a2ELttSZk0jhOKPHtIIy0PpH1/BxqpfFeYdv3i3vNQpPOJyHypGghhP3Qmz7PJKZbXmpyPAbuEpbnK9hMQAN2jbrJAZN14semRVD21mpdjwTzF6bA9gZ03A7I0j2vguZ6E91jc3u/1EA0i0OQaRqyLWjvTpo0APLoLRR7lW46XGsZxyWRFY52F/HDWfR6rVkJ9xM41ALk+OkzDPoBAHFHMntbUfDmcD8La/K9z1urT/Ic8LhTdS9KJnCc6fCGU+P73ZEAkedQnKB11XM8GxIEG363R15c+W9IGM3NNo+FzhBDcXZGH3eqfqnSFQyQuzHfyiMMsS2M0qtTkV0iHQOmwNikgLR4PYmlaOlrNBxRAgnOSyKyYxNsfSjR8pYBTRhvHPdvHVPLgCnQLy9Wk/kpBh8G3DLE3EGlYygBdiPryR0jeXpWDdm2MrW52Ca3Gtdsc1VpzbexgKOUg9NIFXIi7mmstbh3561RQInuy61t9pGXsuWLsXOu9nPZqCefjUgBuNKjq9rDAZ15Cnv8AaYexrRl3cJymC8veF28FKWj6hz95vN282OB5Np9AkncN8hqKAe3zrVxOXxCiT5MWHcLCYI7F9hOb6WRJ/fzvlwWijgn4T6e2bhh5pSXyzto0vv5JQlmSuB1nC082LxP6v67K7MtBoiqpqhKLcJn38y47yUrBomwSTuCQ==,iv:ZoSeyXi0TeQdnM7eQ9lldt+bqCwVpTOeQmZIWPYxixs=,tag:Pevm6SswQ3wWyV2e9eFvMQ==,type:str]
@@ -14,13 +14,13 @@ sops:
     age:
         - recipient: age153gpfdw58csvgxj3vn9ym2g3zx7mfhaldyz5uvvrfajne8htj3asjqrp7h
           enc: |
-            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlaXJkelRRRUxySkFOZlZs
-            UTNnakhjcit4akhwYkdIUUJNdHJnWmh4bEE4CnBmWGd0N29jQ3RVVVBYL25yOWV3
-            UEdjak0vWG1FdGNUemN2VFNiNVhUVHMKLS0tIE9vYkZiaUdCUFVCZUFlb3lBSDht
-            aVprSGo0Qlp6b294T1hPQmIwTS9UeWcKXKI9w4Na0HunR5EX+2gUhI4SzlCrYwtn
-            uw17ieNU3P14Syi3NbQTL4RC0rjO2r4ouL2yBnHB+1r96MbPSKldzQ==
-            -----END AGE ENCRYPTED FILE-----
+              -----BEGIN AGE ENCRYPTED FILE-----
+              YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlaXJkelRRRUxySkFOZlZs
+              UTNnakhjcit4akhwYkdIUUJNdHJnWmh4bEE4CnBmWGd0N29jQ3RVVVBYL25yOWV3
+              UEdjak0vWG1FdGNUemN2VFNiNVhUVHMKLS0tIE9vYkZiaUdCUFVCZUFlb3lBSDht
+              aVprSGo0Qlp6b294T1hPQmIwTS9UeWcKXKI9w4Na0HunR5EX+2gUhI4SzlCrYwtn
+              uw17ieNU3P14Syi3NbQTL4RC0rjO2r4ouL2yBnHB+1r96MbPSKldzQ==
+              -----END AGE ENCRYPTED FILE-----
     lastmodified: "2024-04-14T13:09:40Z"
     mac: ENC[AES256_GCM,data:eW0CmHUGsyuDR3t1/6StrVkPt8MikHq0Jpb/GyWRxaOXcOzIUYwNDHIeDQxDB+Zx3KQFeEHo2FcmeuCv9O0+YdC1+ft8GE5fmsk9AfzTtpwForjlKbVsvTVlaW/TmJrNtFyMlIp0D7S1WEEYoIRE7bTTKC6En6vyqXk7h++PfqM=,iv:5h3btZ/BJZXHcn19Wq8gFArAlo9nhzmes5FmfJT/KWc=,tag:vXXHbH6MzwGZzHXc1T+lQQ==,type:str]
     pgp: []

diff --git a/...xternal-secrets/stores/kustomization.yaml → ...xternal-secrets/stores/kustomization.yaml b/...xternal-secrets/stores/kustomization.yaml → ...xternal-secrets/stores/kustomization.yaml
@@ -1,6 +1,6 @@
 ---
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
-namespace: kube-system
+namespace: security
 resources:
   - ./1password