This repository stores sensitive data for GLACIATION Use Case 4 by IPTO. Sensitive data is securely encrypted with the use of Sealed Secrets.
The core idea is to manually manage human-readable secret templates and secret values in .env.
This repo provides a tool to convert these manually managed artifacts to Sealed Secrets files that you can commit to Git
and reuse in GitOps processes.

Follow these steps to set up the project:

- Clone the Repository
  Clone the repository to your local environment:
      git clone <repository-url>
      cd <repository-folder>
- Install Dependencies
  Make sure you have the required tools installed:
- Access Kubernetes Cluster
  Ensure you have access to the target cluster:
  - Set up your kubeconfig file to point to the Integration environment.
  - You can verify access by running:
        kubectl get nodes
- Verify the Sealed Secrets Controller
  Confirm that the Sealed Secrets controller is installed and running in the Kubernetes cluster:
      kubectl get pods -A | grep sealed-secrets
- Create your .env file from example.env. Do not commit your secrets to Git!
- Create a template file for your secret. Use uc4-minio-configuration.yaml as an example.
- Generate the sealed secret:
      ./scripts/seal.sh secrets/templates/example-secret.yaml
  The new sealed secret file is now created in secrets/sealed.
- Now you can deliver the secret to the cluster by applying the sealed file from secrets/sealed (the file name below is a placeholder):
      kubectl apply -f secrets/sealed/<sealed-secret-file>
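
The workflow above depends on two rules: the .env file never reaches Git, and everything under secrets/sealed is an actual SealedSecret. The following guard is an added example, not part of this repository's scripts; the function names, the sample files and the assumption that sealed manifests are .yaml/.yml files under secrets/sealed are illustrative.

```shell
#!/bin/sh
# Added example (not the repository's code): commit guard for this layout.
# Assumption: sealed manifests are YAML files under secrets/sealed/.

# Return 0 only if the manifest has at least one top-level "kind:" and
# every top-level "kind:" is SealedSecret (multi-document files included).
is_sealed_manifest() {
    awk '
        /^kind:/ {
            k = $2; gsub(/"/, "", k); sub(/\r$/, "", k)
            if (k == "SealedSecret") sealed++; else other++
        }
        END { exit !(sealed > 0 && other == 0) }
    ' "$1"
}

# Check the paths about to be committed. Prints one line per violation and
# returns non-zero if any is found. Typical hook usage:
#   check_commit_paths $(git diff --cached --name-only)
check_commit_paths() {
    rc=0
    for p in "$@"; do
        case "$p" in
            example.env|*/example.env) ;;      # template with no real values
            *.env)
                echo "BLOCK $p: env file with secret values"; rc=1 ;;
            secrets/sealed/*.yaml|secrets/sealed/*.yml)
                # A staged deletion has no file on disk and is allowed.
                [ ! -f "$p" ] || is_sealed_manifest "$p" || {
                    echo "BLOCK $p: not a SealedSecret manifest"; rc=1; } ;;
        esac
    done
    return $rc
}

# Constructed sample files for a dry run: one sealed manifest and one
# plain Secret that was saved into secrets/sealed by mistake.
make_samples() {
    mkdir -p "$1/secrets/sealed"
    printf 'apiVersion: bitnami.com/v1alpha1\nkind: SealedSecret\nmetadata:\n  name: demo\nspec:\n  encryptedData:\n    password: constructed-ciphertext\n' \
        > "$1/secrets/sealed/ok.yaml"
    printf 'apiVersion: v1\nkind: Secret\nmetadata:\n  name: demo\nstringData:\n  password: constructed-value\n' \
        > "$1/secrets/sealed/leak.yaml"
}
```

Run from the repository root, the check catches a plain Secret saved into secrets/sealed as well as a staged .env file.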