diff --git a/kubernetes/main/apps/bitwarden/bitwarden/app/helmrelease.yaml b/kubernetes/main/apps/bitwarden/bitwarden/app/helmrelease.yaml new file mode 100644 index 0000000..03e4be7 --- /dev/null +++ b/kubernetes/main/apps/bitwarden/bitwarden/app/helmrelease.yaml @@ -0,0 +1,205 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: bitwarden +spec: + interval: 30m + chart: + spec: + chart: self-host + version: 2024.11.0 + sourceRef: + kind: HelmRepository + name: bitwarden + namespace: flux-system + install: + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + retries: 3 + values: + sharedStorageClassName: "cluster-nvme" + general: + admins: "${SECRET_ADMIN_EMAIL}" + disableUserRegistration: "false" + cloudRegion: US + enableCloudCommunication: true + sharedStorageClassName: "cluster-nvme" + volumeAccessMode: "ReadWriteOnce" + domain: "bitwarden.${SECRET_EXTERNAL_DOMAIN}" + ingress: + enabled: true + className: traefik + annotations: + gethomepage.dev/enabled: "true" + gethomepage.dev/group: Home + gethomepage.dev/name: Bitwarden + gethomepage.dev/description: Password management + gethomepage.dev/icon: bitwarden + tls: + name: bitwarden-tls + clusterIssuer: letsencrypt-production + paths: + web: + path: / + pathType: ImplementationSpecific + attachments: + path: /attachments/ + pathType: ImplementationSpecific + api: + path: /api/ + pathType: ImplementationSpecific + icons: + path: /icons/ + pathType: ImplementationSpecific + notifications: + path: /notifications/ + pathType: ImplementationSpecific + events: + path: /events/ + pathType: ImplementationSpecific + scim: + path: /scim/ + pathType: ImplementationSpecific + sso: + path: /sso/ + pathType: ImplementationSpecific + identity: + path: /identity/ + pathType: ImplementationSpecific + admin: + path: /admin/ + pathType: ImplementationSpecific + email: + smtpSsl: "false" + smtpPort: "465" + smtpHost: "${SECRET_SMTP_HOST}" + replyToEmail: "${SECRET_SMTP_FROM}" + secrets: + secretName: bitwarden-secret + database: + enabled: false + #volume: + # backups: + # storageClass: "cluster-nvme" + # data: + # storageClass: "cluster-nvme" + # log: + # storageClass: "cluster-nvme" + volume: + dataprotection: + storageClass: "cluster-nvme" + attachments: + storageClass: "cluster-nvme" + licenses: + storageClass: "cluster-nvme" + logs: + enabled: true + storageClass: "cluster-nvme" + # rawManifests: + # preInstall: [] + # postInstall: + # - apiVersion: traefik.io/v1alpha1 + # kind: Middleware + # metadata: + # name: "bitwarden-self-host-middleware-stripprefix" + # spec: + # stripPrefix: + # prefixes: + # - /api + # - /attachements + # - /icons + # - /notifications + # - /events + # - /scim + # ##### NOTE: Admin, Identity, and SSO will not function correctly with path strip middleware + # - apiVersion: traefik.io/v1alpha1 + # kind: IngressRoute + # metadata: + # name: "bitwarden-self-host-ingress" + # spec: + # entryPoints: + # - websecure + # routes: + # - kind: Rule + # match: Host(`bitwarden.${SECRET_EXTERNAL_DOMAIN}`) && PathPrefix(`/`) + # services: + # - kind: Service + # name: bitwarden-self-host-web + # passHostHeader: true + # port: 5000 + # - kind: Rule + # match: Host(`bitwarden.${SECRET_EXTERNAL_DOMAIN}`) && PathPrefix(`/api/`) + # services: + # - kind: Service + # name: bitwarden-self-host-api + # port: 5000 + # middlewares: + # - name: "bitwarden-self-host-middleware-stripprefix" + # - kind: Rule + # match: Host(`bitwarden.${SECRET_EXTERNAL_DOMAIN}`) && PathPrefix(`/attachments/`) + # services: + # - kind: Service + # name: bitwarden-self-host-api + # port: 5000 + # middlewares: + # - name: "bitwarden-self-host-middleware-stripprefix" + # - kind: Rule + # match: Host(`bitwarden.${SECRET_EXTERNAL_DOMAIN}`) && PathPrefix(`/icons/`) + # services: + # - kind: Service + # name: bitwarden-self-host-icons + # port: 5000 + # middlewares: + # - name: "bitwarden-self-host-middleware-stripprefix" + # - kind: Rule + # match: Host(`bitwarden.${SECRET_EXTERNAL_DOMAIN}`) && PathPrefix(`/notifications/`) + # services: + # - kind: Service + # name: bitwarden-self-host-notifications + # port: 5000 + # middlewares: + # - name: "bitwarden-self-host-middleware-stripprefix" + # - kind: Rule + # match: Host(`bitwarden.${SECRET_EXTERNAL_DOMAIN}`) && PathPrefix(`/events/`) + # services: + # - kind: Service + # name: bitwarden-self-host-events + # port: 5000 + # middlewares: + # - name: "bitwarden-self-host-middleware-stripprefix" + # - kind: Rule + # match: Host(`bitwarden.${SECRET_EXTERNAL_DOMAIN}`) && PathPrefix(`/scim/`) + # services: + # - kind: Service + # name: bitwarden-self-host-scim + # port: 5000 + # middlewares: + # - name: "bitwarden-self-host-middleware-stripprefix" + # ##### NOTE: SSO will not function correctly with path strip middleware + # - kind: Rule + # match: Host(`bitwarden.${SECRET_EXTERNAL_DOMAIN}`) && PathPrefix(`/sso/`) + # services: + # - kind: Service + # name: bitwarden-self-host-sso + # port: 5000 + # ##### NOTE: Identity will not function correctly with path strip middleware + # - kind: Rule + # match: Host(`bitwarden.${SECRET_EXTERNAL_DOMAIN}`) && PathPrefix(`/identity/`) + # services: + # - kind: Service + # name: bitwarden-self-host-identity + # port: 5000 + # ##### NOTE: Admin will not function correctly with path strip middleware + # - kind: Rule + # match: Host(`bitwarden.${SECRET_EXTERNAL_DOMAIN}`) && PathPrefix(`/admin`) + # services: + # - kind: Service + # name: bitwarden-self-host-admin + # port: 5000 + # tls: + # certResolver: letsencrypt-production diff --git a/kubernetes/main/apps/bitwarden/bitwarden/app/kustomization.yaml b/kubernetes/main/apps/bitwarden/bitwarden/app/kustomization.yaml new file mode 100644 index 0000000..95bf474 --- /dev/null +++ b/kubernetes/main/apps/bitwarden/bitwarden/app/kustomization.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./secret.sops.yaml + - ./helmrelease.yaml diff --git a/kubernetes/main/apps/bitwarden/bitwarden/app/secret.sops.yaml b/kubernetes/main/apps/bitwarden/bitwarden/app/secret.sops.yaml new file mode 100644 index 0000000..ce98397 --- /dev/null +++ b/kubernetes/main/apps/bitwarden/bitwarden/app/secret.sops.yaml @@ -0,0 +1,34 @@ +# yamllint disable +kind: Secret +apiVersion: v1 +type: Opaque +metadata: + name: bitwarden-secret +stringData: + replyToEmail: ENC[AES256_GCM,data:7NR/XlAqsO4PtCNKQ890Njv6Qh2Jp6W/t0Lc8px7,iv:VznXZaMbwLda8LkrJDTc2UKurHRWqGTJ1T0/1C3VMus=,tag:Z+Wkfb7DqcaPam7AFrvWUw==,type:str] + globalSettings__installation__id: ENC[AES256_GCM,data:U091rHP2N4UjYgSdGrkDvSBZHQu9w8s75xWPCp6gfZ0773gW,iv:PZ2hBlqta/sclVQUtO6LYD/ZhL6e+Q+yDESxrt6CYjQ=,tag:1A/9gKzuflMqOktyoZ5adQ==,type:str] + globalSettings__installation__key: ENC[AES256_GCM,data:/pWJt9ElR+mgiv5m8I0Gdb5Z6H8=,iv:31bd6uhc45WMi41iACel8/YOjDjVTDxoR3Ok19+U43A=,tag:xtI3eCRActaFajUqVdxemw==,type:str] + globalSettings__mail__smtp__username: ENC[AES256_GCM,data:wGph7iTpKhvYXjsFKnPIFevGsJvgovvfNnIJPjFf,iv:o7l19Onw6PHMmk19e++zTArLmZrwSIAXgDpuwaDhjuo=,tag:ojY3lQFiP3G3oYeVQXri7A==,type:str] + globalSettings__mail__smtp__password: ENC[AES256_GCM,data:OQ3mROVpRAZ2MNFZtvRV0N74EPOaSdSvmaOJas1JCgEbHHNq0laLg5r2ufTYz9vA0aM=,iv:vB9ElILgqKyvY6wgQ8Nesg2pygGK9mcjIhEYGsHVWEQ=,tag:l84bsTR3twb3Al19FKezqA==,type:str] + globalSettings__sqlServer__connectionString: ENC[AES256_GCM,data:mJxp4MXvqV4T+/J7O0XX6+Z4kmo4IVFYvUPEBU0uaJ3w0YNcqPps+LH9pgFNOjwBWCAQ8QxvCH9ul2uSiYGhy41YjLsQD4X/UF1Hhimezc3IrexCDFkXXl4WIACAZjpQf6morvx9+/v0EvdxofP7auWQ2BGcid4lHYxO78gEAvPaueS+L0TerqEpEnxS26r2uMLOe2w5L0hxBKGQyWmWPx8mTAJXTgTaXAvKLT2G97JNa9a5EQSAPuBoi95F+CkQBEwbo6uwrcJS6DTWQmNefEdZ1D7Abp50zlpJfC7Tuf54tjnHyGya9EWEwc32mTadqCto047ySvDNNB2jgrG97HXvnqOo4LGpZn9jYGJsJZjVFibiy2+WHzgxDmU=,iv:Nq4LIbSDzk9WurGEPojUfRe8WqEOGO4t7WnfyYoupVo=,tag:yV7w9j9gRKuAsgsnxncUtA==,type:str] + #ENC[AES256_GCM,data:r7/63ugBvNNcFQGkau56LkG5lNH0NwvuA0OiRj0FOjAWlbf6sR7v5JOgIy97uMC+mBWy8A+OGZFO8p4bosrdrmzuomArHNnM4oWN498=,iv:2TaG5UkIEjLwPQpEZjOJdEviNNnSVi/e1lUUckJ+KqM=,tag:BPd/IOSUJvS1/mgPqqSlyQ==,type:comment] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age19nu7uf8dageqlmzk23x7vl24fpn0l7cq20l3l4xxf2sk2xd5h98qss437p + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFRGFTc01qRmdlMzZ0WE53 + OWtoUzBaMUp4T3FoYnJuVGhGODVna1RHYkRZCk0xWEVjOWp2YW9NZmE0MnNFYnJX + OEdHbkdsOWM4Tk44aTRVZ0VoNWorWDAKLS0tIHp2SE9Wd1lmTmV2eUFYRmRYNDZn + NFR5QkpIaFQ5Tk1FdGV3aUtzNTZsRXcKyNl9cFicgjcTiGkoQK/StLd7FEHGUVWD + hs8+h4ak+r++3+KpUay4aNqY09RtAzvUd4Vl3VQ2tYt/TOlDrgErHQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-11-29T17:22:46Z" + mac: ENC[AES256_GCM,data:+KthNzUdXl/XgnupjWiEdk8EHvHldUvUwfWT7FNpR+Pysl/fdI1fAK02rXOlY0ABCKpejSIobHipy3RkxTXiF6PPGTC4R0aoqxRvZjyXDCUaHc3F4KdYBH4vkGoBchosHJnOX0qymSEGbzJERRSjxEZ3JDg0JRIEB8jQtObGivs=,iv:w7XSWHs1RaDAuxsImvxDHo96T6qwaaYlXGZUP2nfqLg=,tag:QNSjFrABn8tf8nQlu5MXkw==,type:str] + pgp: [] + encrypted_regex: ^(data|stringData)$ + version: 3.9.1 diff --git a/kubernetes/main/apps/bitwarden/bitwarden/ks.yaml b/kubernetes/main/apps/bitwarden/bitwarden/ks.yaml new file mode 100644 index 0000000..2792893 --- /dev/null +++ b/kubernetes/main/apps/bitwarden/bitwarden/ks.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app bitwarden + namespace: flux-system +spec: + targetNamespace: bitwarden + commonMetadata: + labels: + app.kubernetes.io/name: *app + path: ./kubernetes/main/apps/bitwarden/bitwarden/app + prune: true + sourceRef: + kind: GitRepository + name: k8s-gitops + wait: true + interval: 30m + retryInterval: 1m + timeout: 5m diff --git a/kubernetes/main/apps/bitwarden/kustomization.yaml b/kubernetes/main/apps/bitwarden/kustomization.yaml new file mode 100644 index 0000000..85537a8 --- /dev/null +++ b/kubernetes/main/apps/bitwarden/kustomization.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./namespace.yaml + #- ./bitwarden/ks.yaml diff --git a/kubernetes/main/apps/bitwarden/namespace.yaml b/kubernetes/main/apps/bitwarden/namespace.yaml new file mode 100644 index 0000000..8fdd863 --- /dev/null +++ b/kubernetes/main/apps/bitwarden/namespace.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: bitwarden + labels: + kustomize.toolkit.fluxcd.io/prune: disabled diff --git a/kubernetes/main/apps/home-office/plane/app/helmrelease.yaml b/kubernetes/main/apps/home-office/plane/app/helmrelease.yaml index 632ced6..96f9cc6 100644 --- a/kubernetes/main/apps/home-office/plane/app/helmrelease.yaml +++ b/kubernetes/main/apps/home-office/plane/app/helmrelease.yaml @@ -4,6 +4,8 @@ apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: name: &app plane + annotations: + secret.reloader.stakater.com/reload: "plane-secret" spec: interval: 30m chart: @@ -101,13 +103,13 @@ spec: pullPolicy: IfNotPresent env: - docstore_bucket: "uploads" + docstore_bucket: "plane" doc_upload_size_limit: "5242880" # 5MB sentry_dsn: "" sentry_environment: "" - cors_allowed_origins: "" default_cluster_domain: cluster.local + aws_region: "lab" valuesFrom: - targetPath: rabbitmq.external_rabbitmq_url diff --git a/kubernetes/main/apps/home-office/plane/app/secret.sops.yaml b/kubernetes/main/apps/home-office/plane/app/secret.sops.yaml index f596dcf..34c9aac 100644 --- a/kubernetes/main/apps/home-office/plane/app/secret.sops.yaml +++ b/kubernetes/main/apps/home-office/plane/app/secret.sops.yaml @@ -5,16 +5,16 @@ type: Opaque metadata: name: plane-secret stringData: - SECRET_KEY: ENC[AES256_GCM,data:Hlge8nCQC8cAwBAhKhOSIQDFqPCl0q8lp14Lrb1Ha1xfimzv0FYtWTHVGjP50cu5Kr1qv6SPSsU0rvHOdPvfuw==,iv:qY++THG8PWRGJb5qURyzV5C+022eBKOWdf19vdu3Stg=,tag:XhCcjURlz6xtFNzXehe1gw==,type:str] - POSTGRES_USER: ENC[AES256_GCM,data:XQVJU+0=,iv:8dc07OmRZA/PTyIsK8zHnLKa+HFeaQ4h09nNiWTNPlY=,tag:pmRJXHtSngQmTpUtY4xzmA==,type:str] - POSTGRES_DB: ENC[AES256_GCM,data:RtBCCWw=,iv:BpRYcn2BpIRcLmQcAIrunvtB4MDuDYkmJOnAsmPtat0=,tag:xvUhN8ixC5jY8ykAQwzjNQ==,type:str] - POSTGRES_PASSWORD: ENC[AES256_GCM,data:iiGNnq0jK1/1zYZG9xKh6FpHYwHynQ+0/bFW6ecrIcA=,iv:xQfhOf8DjSKU+5YE4OeaKBFojL8dx6EUAg9mIkPiKTk=,tag:+0OmSsaTRbIMDxiRtNo28w==,type:str] - POSTGRES_URL: ENC[AES256_GCM,data:tiUR01NTwPZvOaH3AewUl2DwMe6C1p+t/RwcnbHHGPtMv6LDUlszTJq5b3OODmNrCZql+FPmNretO+UWNKHRFB0+PbrtDLVR6Aia91PBVlWvYUwmHXIwLGkJWyTmQ6yQK3n0hHUhhA==,iv:x5bhArp40eaO7UrFVTT8dw89OaQRyJTAOH2VyQSmgbs=,tag:zsjobWSyB7a4CUvREBTNzw==,type:str] - REDIS_URL: ENC[AES256_GCM,data:ZVjRw2T2QvxentteSyAC5tzoc4VJM4U01JpLxvx9d+3kiRwhImYXhhDbzFvetfD52V3Z/Z+upOQhCaiFPxwBW2gSrNiQ/rxOiJoB65fKNg90NoIn,iv:VxmX6waqWRyre6nbM63K5sUrxbDmbyXaakIqZFkKVjg=,tag:dgxCagZKumzE8w4QK4mrYQ==,type:str] - RABBITMQ_URL: ENC[AES256_GCM,data:fsKrT7di5yPxRkSF1AmWsjvqBeSZHuBUx7MzfXdM+uXa9t+BSOjRN1P+oUYGj09jRY/PEsYjouTJKTCCCkD3noC88j4IkwcxhEJrbIgvgZKhH3yzsjQBzJDevCE=,iv:I1wUED3rLlu4Mds9jk3Io2vt2iCdEoUu9U7d6g0Xgnk=,tag:jFfA1WN3HoA+4PexBy9ByA==,type:str] - MINIO_URL: ENC[AES256_GCM,data:AHOPIiRJrX/6UAaTGpVhMMhLzugupdi7o2GZjTVl1n7td5Z8naNiNUp/UVKP2ge9K6XLyZZIYwV+VoPEaD54IYRdlL7aE/XH6bMrY3btxdYakplkesktT/kIWBLWsYC8vI3yoWuust/5LO3lZMw/x6w=,iv:W4FyvWVqCKdrofH4fgPiqADgz+PAHYiM9HX5s3dt5RA=,tag:FgdSBWTiCkw/hmsPNWKdQw==,type:str] - MINIO_ACCESS_KEY: ENC[AES256_GCM,data:i8hXPpjmov8WfOL8OkafOaRgPgU=,iv:A2pk8x5LxHLldMD61O/bvb5G7Jdt/m3I4/aShUs88Ao=,tag:27gEOSWw2x/1oEYh/k85JQ==,type:str] - MINIO_SECRET_KEY: ENC[AES256_GCM,data:YG7/kjI65vmvzBj7XuuGbSlNg3ZfmJn5UtwZCK8he6BbIXvw1Tu5JA==,iv:vj/UOmOpRB99143VwdOOvf79kMNA7SRx0CdgMEv9938=,tag:K+1AauPt+SHTq1rfecDAhg==,type:str] + SECRET_KEY: ENC[AES256_GCM,data:pyE8ZRQex5957x5VDzpeSReEjyHVd/rk94VHGc7HG4c/adp7lxQHkPccnANEmykqwtqJg6KtqIIsS/YpryHGYw==,iv:30hN0ptSC1JYSMKAHLF7IAReblrMfwBhzMlaTP79jCw=,tag:BBFQyHFmkLyr8Nyhbn6xyg==,type:str] + POSTGRES_USER: ENC[AES256_GCM,data:ZZTLn2U=,iv:qm5YKuCIkpnz3uJQoVTs3B8Vxsc69YnAMCzCoRUiqgY=,tag:0NEF0vkUJ0dJQwzk+qJqRQ==,type:str] + POSTGRES_DB: ENC[AES256_GCM,data:KwXEG2Y=,iv:64EbD5HwoXTWbxx873BuYOA5fIOhNiS+aOaLP58sMwU=,tag:+zNWs1POt6AY6xhcIylbQg==,type:str] + POSTGRES_PASSWORD: ENC[AES256_GCM,data:1tkv0m6ydV6RlYrIFxceroBQTqr+Xjfdmadm7riFPB4=,iv:SgVnc1RIjCHDx4GKA9jQgx3YCvIg4QWIiZUqr7UZRLY=,tag:9ejNoI5L3Jbo4xkbTC3Z+Q==,type:str] + POSTGRES_URL: ENC[AES256_GCM,data:jdFVXgLI2Qv5jJmGQAhHTu0XpxGu6JPuFG3PTBW4baAP4QcbZ+KPs+613s1wTrvkBWJojozmIyromW10s9g7Bw84EuUMKGfHlaEEI8m67e0vd34S1IMdzLqpP/lpmurpubCJLpjfoQ==,iv:+jzI0ki4Er+gGVpbTiakPp0eTCo5pgsteaR9WqGVTDA=,tag:xYzx5ir9aE9GBx01oQTfhA==,type:str] + REDIS_URL: ENC[AES256_GCM,data:oXzRSiCowUGlrXKuHklnigK42Wu9+djN0SjpLt9fWE9Bt7dfRE2/ntapin2Pw0ffKGHeOX0HQ4AaBW5weSegbF2d8pbM+aRAp88OyfW/0+mR,iv:DdVFCYjtzeRAgdktCHkOobBsO4x8K3krnJkjWNFfqfE=,tag:cUNPMXwvA5op725E6rjlhw==,type:str] + RABBITMQ_URL: ENC[AES256_GCM,data:PvHXUBLsq5rmGPy4KRSnlF4bJ3zX0yRnhnAAaj63VFyCI/akhozMp14E7FtRUXKxXPH1Lx49irYlFkQitcjZiQAiV3C/Z9WV6ZinZvz2ZQJ/CiONhp8bqLNMy6w=,iv:8S51kMQqAHlyGTnvx52/uIKAO8DGi2P1jGr+YVr6nD8=,tag:FkHk1ipw2VmjSV5pGxnMUQ==,type:str] + MINIO_URL: ENC[AES256_GCM,data:61wIJdTu72PIKkq3acm+NqOZ/ikQgR7m85s=,iv:mSQARlv1YInlOC72kls2zBo64mlm8lraCg7FeCjgSrA=,tag:R2Z0E2aasn0YxgPCxT4oeA==,type:str] + MINIO_ACCESS_KEY: ENC[AES256_GCM,data:mD8px9AHb2Si8c2UWzEJ8y8PMQY=,iv:dAoy9MT8c0vgZ9oQLD/Ky/SGYb/awMSYzY/iFTx2czw=,tag:eN6IaZDS/q8KzmdugAdQCg==,type:str] + MINIO_SECRET_KEY: ENC[AES256_GCM,data:ticgtGuG588hJqeQF7xU99g85DYeeMwwf0UpO+xSdbyob7TEXRBi8A==,iv:txLd61gufYn2xfg6tmfNNcpNUZPdPUkQ/idhmWDpYDc=,tag:sFDl9yNXGBggGeNLeDf0Ww==,type:str] sops: kms: [] gcp_kms: [] @@ -24,14 +24,14 @@ sops: - recipient: age19nu7uf8dageqlmzk23x7vl24fpn0l7cq20l3l4xxf2sk2xd5h98qss437p enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5cUNsRW9PaWtFTEJORDZx - eDBRdXg3QkhzMzFGVHJpTkZaK0wyYlNMdzJvCk1XZTUrNzJpZlZpWHRuUEVvekFF - QU12aVRoR3N6eUR6aHEwTWlIOU9SazQKLS0tIGU2ZmloNWxHRGFEQ1YwUjBONENS - bGxqQmhESjY2L01mSUVtYUdxVlpzR28KlXVdYP1I98OeiUi+h1+JHpm4/SS1OwiI - 4FfbygAqlk5xDMc7+rGvkeN82MMJTJf2FnIqtnYUlIBa+sh3A8L20Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwTU5FZnVPLzhHVlIwT3R3 + eGw4aHFoazRqR0oySzRPRTk5MWEzM1VIMmt3CnAvbkt4ajZPMnV3MWNWcURSdmNo + NFFpMWl4OU84TFBJNXdEWGh1NlBiZ3cKLS0tIHcvMi9YbzFrV3VQTCtXNlRvTHEv + WWowUno2ZVE3R29kb2JpeFZ1Ykd6ZTgKAGGXYCed/qenEvX+Oex31hGJT2lFEsXQ + DeVj5uVaoTnIBWa3zbqhIRvw++o8hbzJLk5cPASYdbdg4ZgDp+ylnQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-12-29T20:57:38Z" - mac: ENC[AES256_GCM,data:bTm/uac73fcZLlWKqRCtjdKTeHlwMcAnPiWBSOxs+BqXn0EeV65BL9oEJ/qpXPLyupvO2neUUnsrQawEo2G71m0voRrCxV3tAVfYgStQ+Ek/lJFdIlQxRrt9rIoSIc/eEeC6VYx90HHWO7gXT06B46fN66emxotY0IoG1BbWVRY=,iv:+d79pdiiRFxulpSn+4X5WTQo4xArwTHZjfYdW3s8YLE=,tag:V+WVxVWbY+hnpObNr63aCg==,type:str] + lastmodified: "2024-12-29T22:00:05Z" + mac: ENC[AES256_GCM,data:aHKx3LP25IN7JkS9Xq+2xeXkkCcFBRpSxA7VtRNA0CcbppfUCKlzfd4xwdkl8GHJXKKtYyedRvJ9wgGHGkOz0F3kMEyGs0laEFd4O4+BTHVquNGeftR74R1aK5p2uXNaPWkKAJ9mpxZxEYhQ8/u6InR1R86JsOyjVfRBEVKqWjM=,iv:f+wNf2/Vzs+rv9CJJ8IRJCZmyy01Gz8csKh3XFi5W2c=,tag:oYRcHr70F4tTHQ/Rmnr0mQ==,type:str] pgp: [] encrypted_regex: ^(data|stringData)$ version: 3.9.2 diff --git a/scripts/kubeconform.sh b/scripts/kubeconform.sh old mode 100644 new mode 100755