add openssl

rename quay image
add helm
2025-02-03 13:52:08 +01:00 · 2025-02-03 12:47:47 +01:00 · 2025-02-03 12:45:40 +01:00 · 2025-02-03 12:34:32 +01:00 · 2025-01-29 17:24:28 +01:00 · 2025-01-22 16:39:00 +01:00
3 changed files with 34 additions and 2 deletions
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@ -22,7 +22,7 @@ steps:
  build:
    image: plugins/kaniko
    settings:
-      repo: quay.io/wollud1969/k8s-admin-helper
+      repo: quay.io/wollud1969/woodpecker-helper
      registry: quay.io
      tags: 
        - latest
--- a/13
+++ b/13
@ -1,4 +1,15 @@
 FROM alpine:latest

-RUN apk add --no-cache kubectl gpg
+ARG USER="user"
+
+RUN \
+    echo "@testing https://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories && \
+    apk add --no-cache kubectl openssl gpg gpg-agent bash trivy@testing curl helm && \
+    addgroup $USER && \
+    adduser -G $USER -D $USER
+
+COPY decrypt-secrets.sh /usr/local/bin/
+
+USER $USER
+WORKDIR /home/$USER

--- a/decrypt-secrets.sh
+++ b/decrypt-secrets.sh
@ -0,0 +1,21 @@
+#!/bin/bash
+
+#
+# Set the environment variable GPG_PASSPHRASE
+# Pipe the encrypted data and 
+#   - redirect the output into the destination file or
+#   - directly eval the output, in this case make sure ONLY variable definitions are in the file
+#
+# The second option would be
+#   eval "`cat secrets.asc | ./decrypt-secrets.sh`"
+#
+# To create the encrypted file use
+#   gpg --symmetric --cipher-algo AES256 --armor --output secrets.asc secrets.txt
+# where secrets.txt is the cleartext file and secrets.asc will be the encrypted file.
+# Make sure to use a good passphrase, make sure to store the passphrase safely.
+#
+# Adding the encrypted file secrets.asc to a source code repository is secure.
+#
+
+
+gpg --decrypt --passphrase $GPG_PASSPHRASE --yes --batch --homedir /tmp/.gnupg --output -
Author	SHA1	Message	Date
Wolfgang Hottgenroth	ec883f6b16	add openssl All checks were successful ci/woodpecker/push/woodpecker Pipeline was successful Details ci/woodpecker/tag/woodpecker Pipeline was successful Details	2025-02-03 13:52:08 +01:00
Wolfgang Hottgenroth	b5f95d3fc9	rename quay image All checks were successful ci/woodpecker/push/woodpecker Pipeline was successful Details ci/woodpecker/tag/woodpecker Pipeline was successful Details	2025-02-03 12:47:47 +01:00
Wolfgang Hottgenroth	77d5158659	add helm All checks were successful ci/woodpecker/push/woodpecker Pipeline was successful Details ci/woodpecker/tag/woodpecker Pipeline was successful Details	2025-02-03 12:45:40 +01:00
Wolfgang Hottgenroth	c418a6ce4b	add trivy and curl All checks were successful ci/woodpecker/push/woodpecker Pipeline was successful Details ci/woodpecker/tag/woodpecker Pipeline was successful Details	2025-02-03 12:34:32 +01:00
Wolfgang Hottgenroth	b6904e4ed2	add documented decrypt script All checks were successful ci/woodpecker/push/woodpecker Pipeline was successful Details ci/woodpecker/tag/woodpecker Pipeline was successful Details	2025-01-29 17:24:28 +01:00
Wolfgang Hottgenroth	118baa38f8	gpg fix All checks were successful ci/woodpecker/push/woodpecker Pipeline was successful Details ci/woodpecker/tag/woodpecker Pipeline was successful Details	2025-01-22 16:39:00 +01:00
Wolfgang Hottgenroth	cab241a96e	gpg-agent All checks were successful ci/woodpecker/push/woodpecker Pipeline was successful Details ci/woodpecker/tag/woodpecker Pipeline was successful Details	2025-01-22 15:39:51 +01:00
Wolfgang Hottgenroth	c60fcfd26b	add bash All checks were successful ci/woodpecker/push/woodpecker Pipeline was successful Details ci/woodpecker/tag/woodpecker Pipeline was successful Details	2025-01-22 14:01:17 +01:00
Wolfgang Hottgenroth	088e773e63	fix All checks were successful ci/woodpecker/push/woodpecker Pipeline was successful Details ci/woodpecker/tag/woodpecker Pipeline was successful Details	2025-01-22 13:35:50 +01:00
Wolfgang Hottgenroth	c4d73c8529	user All checks were successful ci/woodpecker/push/woodpecker Pipeline was successful Details	2025-01-22 13:33:15 +01:00