From a24674d57e7fa003fc2aee7ca09fb9a710e9b8c2 Mon Sep 17 00:00:00 2001 From: Wolfgang Hottgenroth Date: Mon, 3 Feb 2025 12:50:52 +0100 Subject: [PATCH] add token and ci script --- .woodpecker.yml | 16 ++++++++++++++++ install.sh | 7 +++++++ secrets.asc | 8 ++++++++ 3 files changed, 31 insertions(+) create mode 100644 .woodpecker.yml create mode 100644 secrets.asc diff --git a/.woodpecker.yml b/.woodpecker.yml new file mode 100644 index 0000000..7cca8cc --- /dev/null +++ b/.woodpecker.yml @@ -0,0 +1,16 @@ +steps: + deploy: + image: quay.io/wollud1969/woodpecker-helper:0.4.1 + environment: + KUBE_CONFIG_CONTENT: + from_secret: kube_config + GPG_PASSPHRASE: + from_secret: gpg_passphrase + commands: + - export IMAGE_TAG=$CI_COMMIT_TAG + - printf "$KUBE_CONFIG_CONTENT" > /tmp/kubeconfig + - export KUBECONFIG=/tmp/kubeconfig + - ./install.sh + when: + - event: tag + diff --git a/install.sh b/install.sh index c5c25a7..d3f1aa0 100755 --- a/install.sh +++ b/install.sh @@ -9,6 +9,13 @@ kubectl create namespace $NAMESPACE \ -o yaml | \ kubectl -f - apply +eval "`cat secrets.asc | /usr/local/bin/decrypt-secrets.sh`" +kubectl create secret generic trivy-secret \ + --dry-run=client \ + -o yaml \ + --save-config \ + --from-literal=serverToken=$serverToken | \ + kubectl apply -f - -n $NAMESPACE helm repo add aquasecurity https://aquasecurity.github.io/helm-charts/ helm repo update diff --git a/secrets.asc b/secrets.asc new file mode 100644 index 0000000..5f555bd --- /dev/null +++ b/secrets.asc @@ -0,0 +1,8 @@ +-----BEGIN PGP MESSAGE----- + +jA0ECQMInXOggkRURoP70owBc5Bp2aQL5X6HfMQkHEia+YXfOjg7aleWZjz5R0oE +8fwMoEy/trg82Y+L07/G7QzPHUJEM1wzFDLMIKw/LeiPCY/+U0L3EpCD5AnhZVDM +ooIthRKWX02TYTMpP7pIXlYuLsBQbisne4XeyQqZAky+DosMRihO1c7pQo1f/V2x +cEtEEQgvljNfa1XoOA== +=FXwX +-----END PGP MESSAGE-----