diff --git a/kubernetes/main/apps/bitwarden/bitwarden/app/helmrelease.yaml b/kubernetes/main/apps/bitwarden/bitwarden/app/helmrelease.yaml new file mode 100644 index 0000000..03e4be7 --- /dev/null +++ b/kubernetes/main/apps/bitwarden/bitwarden/app/helmrelease.yaml @@ -0,0 +1,205 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: bitwarden +spec: + interval: 30m + chart: + spec: + chart: self-host + version: 2024.11.0 + sourceRef: + kind: HelmRepository + name: bitwarden + namespace: flux-system + install: + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + retries: 3 + values: + sharedStorageClassName: "cluster-nvme" + general: + admins: "${SECRET_ADMIN_EMAIL}" + disableUserRegistration: "false" + cloudRegion: US + enableCloudCommunication: true + sharedStorageClassName: "cluster-nvme" + volumeAccessMode: "ReadWriteOnce" + domain: "bitwarden.${SECRET_EXTERNAL_DOMAIN}" + ingress: + enabled: true + className: traefik + annotations: + gethomepage.dev/enabled: "true" + gethomepage.dev/group: Home + gethomepage.dev/name: Bitwarden + gethomepage.dev/description: Password management + gethomepage.dev/icon: bitwarden + tls: + name: bitwarden-tls + clusterIssuer: letsencrypt-production + paths: + web: + path: / + pathType: ImplementationSpecific + attachments: + path: /attachments/ + pathType: ImplementationSpecific + api: + path: /api/ + pathType: ImplementationSpecific + icons: + path: /icons/ + pathType: ImplementationSpecific + notifications: + path: /notifications/ + pathType: ImplementationSpecific + events: + path: /events/ + pathType: ImplementationSpecific + scim: + path: /scim/ + pathType: ImplementationSpecific + sso: + path: /sso/ + pathType: ImplementationSpecific + identity: + path: /identity/ + pathType: ImplementationSpecific + admin: + path: /admin/ + pathType: ImplementationSpecific + email: + smtpSsl: "false" + smtpPort: "465" + smtpHost: "${SECRET_SMTP_HOST}" + replyToEmail: "${SECRET_SMTP_FROM}" + secrets: + secretName: bitwarden-secret + database: + enabled: false + #volume: + # backups: + # storageClass: "cluster-nvme" + # data: + # storageClass: "cluster-nvme" + # log: + # storageClass: "cluster-nvme" + volume: + dataprotection: + storageClass: "cluster-nvme" + attachments: + storageClass: "cluster-nvme" + licenses: + storageClass: "cluster-nvme" + logs: + enabled: true + storageClass: "cluster-nvme" + # rawManifests: + # preInstall: [] + # postInstall: + # - apiVersion: traefik.io/v1alpha1 + # kind: Middleware + # metadata: + # name: "bitwarden-self-host-middleware-stripprefix" + # spec: + # stripPrefix: + # prefixes: + # - /api + # - /attachements + # - /icons + # - /notifications + # - /events + # - /scim + # ##### NOTE: Admin, Identity, and SSO will not function correctly with path strip middleware + # - apiVersion: traefik.io/v1alpha1 + # kind: IngressRoute + # metadata: + # name: "bitwarden-self-host-ingress" + # spec: + # entryPoints: + # - websecure + # routes: + # - kind: Rule + # match: Host(`bitwarden.${SECRET_EXTERNAL_DOMAIN}`) && PathPrefix(`/`) + # services: + # - kind: Service + # name: bitwarden-self-host-web + # passHostHeader: true + # port: 5000 + # - kind: Rule + # match: Host(`bitwarden.${SECRET_EXTERNAL_DOMAIN}`) && PathPrefix(`/api/`) + # services: + # - kind: Service + # name: bitwarden-self-host-api + # port: 5000 + # middlewares: + # - name: "bitwarden-self-host-middleware-stripprefix" + # - kind: Rule + # match: Host(`bitwarden.${SECRET_EXTERNAL_DOMAIN}`) && PathPrefix(`/attachments/`) + # services: + # - kind: Service + # name: bitwarden-self-host-api + # port: 5000 + # middlewares: + # - name: "bitwarden-self-host-middleware-stripprefix" + # - kind: Rule + # match: Host(`bitwarden.${SECRET_EXTERNAL_DOMAIN}`) && PathPrefix(`/icons/`) + # services: + # - kind: Service + # name: bitwarden-self-host-icons + # port: 5000 + # middlewares: + # - name: "bitwarden-self-host-middleware-stripprefix" + # - kind: Rule + # match: Host(`bitwarden.${SECRET_EXTERNAL_DOMAIN}`) && PathPrefix(`/notifications/`) + # services: + # - kind: Service + # name: bitwarden-self-host-notifications + # port: 5000 + # middlewares: + # - name: "bitwarden-self-host-middleware-stripprefix" + # - kind: Rule + # match: Host(`bitwarden.${SECRET_EXTERNAL_DOMAIN}`) && PathPrefix(`/events/`) + # services: + # - kind: Service + # name: bitwarden-self-host-events + # port: 5000 + # middlewares: + # - name: "bitwarden-self-host-middleware-stripprefix" + # - kind: Rule + # match: Host(`bitwarden.${SECRET_EXTERNAL_DOMAIN}`) && PathPrefix(`/scim/`) + # services: + # - kind: Service + # name: bitwarden-self-host-scim + # port: 5000 + # middlewares: + # - name: "bitwarden-self-host-middleware-stripprefix" + # ##### NOTE: SSO will not function correctly with path strip middleware + # - kind: Rule + # match: Host(`bitwarden.${SECRET_EXTERNAL_DOMAIN}`) && PathPrefix(`/sso/`) + # services: + # - kind: Service + # name: bitwarden-self-host-sso + # port: 5000 + # ##### NOTE: Identity will not function correctly with path strip middleware + # - kind: Rule + # match: Host(`bitwarden.${SECRET_EXTERNAL_DOMAIN}`) && PathPrefix(`/identity/`) + # services: + # - kind: Service + # name: bitwarden-self-host-identity + # port: 5000 + # ##### NOTE: Admin will not function correctly with path strip middleware + # - kind: Rule + # match: Host(`bitwarden.${SECRET_EXTERNAL_DOMAIN}`) && PathPrefix(`/admin`) + # services: + # - kind: Service + # name: bitwarden-self-host-admin + # port: 5000 + # tls: + # certResolver: letsencrypt-production diff --git a/kubernetes/main/apps/bitwarden/bitwarden/app/kustomization.yaml b/kubernetes/main/apps/bitwarden/bitwarden/app/kustomization.yaml new file mode 100644 index 0000000..95bf474 --- /dev/null +++ b/kubernetes/main/apps/bitwarden/bitwarden/app/kustomization.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./secret.sops.yaml + - ./helmrelease.yaml diff --git a/kubernetes/main/apps/bitwarden/bitwarden/app/secret.sops.yaml b/kubernetes/main/apps/bitwarden/bitwarden/app/secret.sops.yaml new file mode 100644 index 0000000..ce98397 --- /dev/null +++ b/kubernetes/main/apps/bitwarden/bitwarden/app/secret.sops.yaml @@ -0,0 +1,34 @@ +# yamllint disable +kind: Secret +apiVersion: v1 +type: Opaque +metadata: + name: bitwarden-secret +stringData: + replyToEmail: ENC[AES256_GCM,data:7NR/XlAqsO4PtCNKQ890Njv6Qh2Jp6W/t0Lc8px7,iv:VznXZaMbwLda8LkrJDTc2UKurHRWqGTJ1T0/1C3VMus=,tag:Z+Wkfb7DqcaPam7AFrvWUw==,type:str] + globalSettings__installation__id: ENC[AES256_GCM,data:U091rHP2N4UjYgSdGrkDvSBZHQu9w8s75xWPCp6gfZ0773gW,iv:PZ2hBlqta/sclVQUtO6LYD/ZhL6e+Q+yDESxrt6CYjQ=,tag:1A/9gKzuflMqOktyoZ5adQ==,type:str] + globalSettings__installation__key: ENC[AES256_GCM,data:/pWJt9ElR+mgiv5m8I0Gdb5Z6H8=,iv:31bd6uhc45WMi41iACel8/YOjDjVTDxoR3Ok19+U43A=,tag:xtI3eCRActaFajUqVdxemw==,type:str] + globalSettings__mail__smtp__username: ENC[AES256_GCM,data:wGph7iTpKhvYXjsFKnPIFevGsJvgovvfNnIJPjFf,iv:o7l19Onw6PHMmk19e++zTArLmZrwSIAXgDpuwaDhjuo=,tag:ojY3lQFiP3G3oYeVQXri7A==,type:str] + globalSettings__mail__smtp__password: ENC[AES256_GCM,data:OQ3mROVpRAZ2MNFZtvRV0N74EPOaSdSvmaOJas1JCgEbHHNq0laLg5r2ufTYz9vA0aM=,iv:vB9ElILgqKyvY6wgQ8Nesg2pygGK9mcjIhEYGsHVWEQ=,tag:l84bsTR3twb3Al19FKezqA==,type:str] + globalSettings__sqlServer__connectionString: ENC[AES256_GCM,data:mJxp4MXvqV4T+/J7O0XX6+Z4kmo4IVFYvUPEBU0uaJ3w0YNcqPps+LH9pgFNOjwBWCAQ8QxvCH9ul2uSiYGhy41YjLsQD4X/UF1Hhimezc3IrexCDFkXXl4WIACAZjpQf6morvx9+/v0EvdxofP7auWQ2BGcid4lHYxO78gEAvPaueS+L0TerqEpEnxS26r2uMLOe2w5L0hxBKGQyWmWPx8mTAJXTgTaXAvKLT2G97JNa9a5EQSAPuBoi95F+CkQBEwbo6uwrcJS6DTWQmNefEdZ1D7Abp50zlpJfC7Tuf54tjnHyGya9EWEwc32mTadqCto047ySvDNNB2jgrG97HXvnqOo4LGpZn9jYGJsJZjVFibiy2+WHzgxDmU=,iv:Nq4LIbSDzk9WurGEPojUfRe8WqEOGO4t7WnfyYoupVo=,tag:yV7w9j9gRKuAsgsnxncUtA==,type:str] + #ENC[AES256_GCM,data:r7/63ugBvNNcFQGkau56LkG5lNH0NwvuA0OiRj0FOjAWlbf6sR7v5JOgIy97uMC+mBWy8A+OGZFO8p4bosrdrmzuomArHNnM4oWN498=,iv:2TaG5UkIEjLwPQpEZjOJdEviNNnSVi/e1lUUckJ+KqM=,tag:BPd/IOSUJvS1/mgPqqSlyQ==,type:comment] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age19nu7uf8dageqlmzk23x7vl24fpn0l7cq20l3l4xxf2sk2xd5h98qss437p + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFRGFTc01qRmdlMzZ0WE53 + OWtoUzBaMUp4T3FoYnJuVGhGODVna1RHYkRZCk0xWEVjOWp2YW9NZmE0MnNFYnJX + OEdHbkdsOWM4Tk44aTRVZ0VoNWorWDAKLS0tIHp2SE9Wd1lmTmV2eUFYRmRYNDZn + NFR5QkpIaFQ5Tk1FdGV3aUtzNTZsRXcKyNl9cFicgjcTiGkoQK/StLd7FEHGUVWD + hs8+h4ak+r++3+KpUay4aNqY09RtAzvUd4Vl3VQ2tYt/TOlDrgErHQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-11-29T17:22:46Z" + mac: ENC[AES256_GCM,data:+KthNzUdXl/XgnupjWiEdk8EHvHldUvUwfWT7FNpR+Pysl/fdI1fAK02rXOlY0ABCKpejSIobHipy3RkxTXiF6PPGTC4R0aoqxRvZjyXDCUaHc3F4KdYBH4vkGoBchosHJnOX0qymSEGbzJERRSjxEZ3JDg0JRIEB8jQtObGivs=,iv:w7XSWHs1RaDAuxsImvxDHo96T6qwaaYlXGZUP2nfqLg=,tag:QNSjFrABn8tf8nQlu5MXkw==,type:str] + pgp: [] + encrypted_regex: ^(data|stringData)$ + version: 3.9.1 diff --git a/kubernetes/main/apps/bitwarden/bitwarden/ks.yaml b/kubernetes/main/apps/bitwarden/bitwarden/ks.yaml new file mode 100644 index 0000000..2792893 --- /dev/null +++ b/kubernetes/main/apps/bitwarden/bitwarden/ks.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app bitwarden + namespace: flux-system +spec: + targetNamespace: bitwarden + commonMetadata: + labels: + app.kubernetes.io/name: *app + path: ./kubernetes/main/apps/bitwarden/bitwarden/app + prune: true + sourceRef: + kind: GitRepository + name: k8s-gitops + wait: true + interval: 30m + retryInterval: 1m + timeout: 5m diff --git a/kubernetes/main/apps/bitwarden/kustomization.yaml b/kubernetes/main/apps/bitwarden/kustomization.yaml new file mode 100644 index 0000000..85537a8 --- /dev/null +++ b/kubernetes/main/apps/bitwarden/kustomization.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./namespace.yaml + #- ./bitwarden/ks.yaml diff --git a/kubernetes/main/apps/bitwarden/namespace.yaml b/kubernetes/main/apps/bitwarden/namespace.yaml new file mode 100644 index 0000000..8fdd863 --- /dev/null +++ b/kubernetes/main/apps/bitwarden/namespace.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: bitwarden + labels: + kustomize.toolkit.fluxcd.io/prune: disabled diff --git a/kubernetes/main/apps/home-office/plane/app/helmrelease.yaml b/kubernetes/main/apps/home-office/plane/app/helmrelease.yaml index 632ced6..96f9cc6 100644 --- a/kubernetes/main/apps/home-office/plane/app/helmrelease.yaml +++ b/kubernetes/main/apps/home-office/plane/app/helmrelease.yaml @@ -4,6 +4,8 @@ apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: name: &app plane + annotations: + secret.reloader.stakater.com/reload: "plane-secret" spec: interval: 30m chart: @@ -101,13 +103,13 @@ spec: pullPolicy: IfNotPresent env: - docstore_bucket: "uploads" + docstore_bucket: "plane" doc_upload_size_limit: "5242880" # 5MB sentry_dsn: "" sentry_environment: "" - cors_allowed_origins: "" default_cluster_domain: cluster.local + aws_region: "lab" valuesFrom: - targetPath: rabbitmq.external_rabbitmq_url diff --git a/kubernetes/main/apps/home-office/plane/app/secret.sops.yaml b/kubernetes/main/apps/home-office/plane/app/secret.sops.yaml index f596dcf..3f88efb 100644 --- a/kubernetes/main/apps/home-office/plane/app/secret.sops.yaml +++ b/kubernetes/main/apps/home-office/plane/app/secret.sops.yaml @@ -5,16 +5,16 @@ type: Opaque metadata: name: plane-secret stringData: - SECRET_KEY: ENC[AES256_GCM,data:Hlge8nCQC8cAwBAhKhOSIQDFqPCl0q8lp14Lrb1Ha1xfimzv0FYtWTHVGjP50cu5Kr1qv6SPSsU0rvHOdPvfuw==,iv:qY++THG8PWRGJb5qURyzV5C+022eBKOWdf19vdu3Stg=,tag:XhCcjURlz6xtFNzXehe1gw==,type:str] - POSTGRES_USER: ENC[AES256_GCM,data:XQVJU+0=,iv:8dc07OmRZA/PTyIsK8zHnLKa+HFeaQ4h09nNiWTNPlY=,tag:pmRJXHtSngQmTpUtY4xzmA==,type:str] - POSTGRES_DB: ENC[AES256_GCM,data:RtBCCWw=,iv:BpRYcn2BpIRcLmQcAIrunvtB4MDuDYkmJOnAsmPtat0=,tag:xvUhN8ixC5jY8ykAQwzjNQ==,type:str] - POSTGRES_PASSWORD: ENC[AES256_GCM,data:iiGNnq0jK1/1zYZG9xKh6FpHYwHynQ+0/bFW6ecrIcA=,iv:xQfhOf8DjSKU+5YE4OeaKBFojL8dx6EUAg9mIkPiKTk=,tag:+0OmSsaTRbIMDxiRtNo28w==,type:str] - POSTGRES_URL: ENC[AES256_GCM,data:tiUR01NTwPZvOaH3AewUl2DwMe6C1p+t/RwcnbHHGPtMv6LDUlszTJq5b3OODmNrCZql+FPmNretO+UWNKHRFB0+PbrtDLVR6Aia91PBVlWvYUwmHXIwLGkJWyTmQ6yQK3n0hHUhhA==,iv:x5bhArp40eaO7UrFVTT8dw89OaQRyJTAOH2VyQSmgbs=,tag:zsjobWSyB7a4CUvREBTNzw==,type:str] - REDIS_URL: ENC[AES256_GCM,data:ZVjRw2T2QvxentteSyAC5tzoc4VJM4U01JpLxvx9d+3kiRwhImYXhhDbzFvetfD52V3Z/Z+upOQhCaiFPxwBW2gSrNiQ/rxOiJoB65fKNg90NoIn,iv:VxmX6waqWRyre6nbM63K5sUrxbDmbyXaakIqZFkKVjg=,tag:dgxCagZKumzE8w4QK4mrYQ==,type:str] - RABBITMQ_URL: ENC[AES256_GCM,data:fsKrT7di5yPxRkSF1AmWsjvqBeSZHuBUx7MzfXdM+uXa9t+BSOjRN1P+oUYGj09jRY/PEsYjouTJKTCCCkD3noC88j4IkwcxhEJrbIgvgZKhH3yzsjQBzJDevCE=,iv:I1wUED3rLlu4Mds9jk3Io2vt2iCdEoUu9U7d6g0Xgnk=,tag:jFfA1WN3HoA+4PexBy9ByA==,type:str] - MINIO_URL: ENC[AES256_GCM,data:AHOPIiRJrX/6UAaTGpVhMMhLzugupdi7o2GZjTVl1n7td5Z8naNiNUp/UVKP2ge9K6XLyZZIYwV+VoPEaD54IYRdlL7aE/XH6bMrY3btxdYakplkesktT/kIWBLWsYC8vI3yoWuust/5LO3lZMw/x6w=,iv:W4FyvWVqCKdrofH4fgPiqADgz+PAHYiM9HX5s3dt5RA=,tag:FgdSBWTiCkw/hmsPNWKdQw==,type:str] - MINIO_ACCESS_KEY: ENC[AES256_GCM,data:i8hXPpjmov8WfOL8OkafOaRgPgU=,iv:A2pk8x5LxHLldMD61O/bvb5G7Jdt/m3I4/aShUs88Ao=,tag:27gEOSWw2x/1oEYh/k85JQ==,type:str] - MINIO_SECRET_KEY: ENC[AES256_GCM,data:YG7/kjI65vmvzBj7XuuGbSlNg3ZfmJn5UtwZCK8he6BbIXvw1Tu5JA==,iv:vj/UOmOpRB99143VwdOOvf79kMNA7SRx0CdgMEv9938=,tag:K+1AauPt+SHTq1rfecDAhg==,type:str] + SECRET_KEY: ENC[AES256_GCM,data:uDKlWRQR6pE2lNezowL76rE0Ym5TIsjIvZUdkVYFF2Tsq0UcE9vh2h/D12cCJK1e1Toz6gGp+IG/EtdP0/n17Q==,iv:b6PgIlv9A8njBgxq4R6NTRSDA1MvfE6vuwsOB1asQqE=,tag:WWcXwEoJanURP4JrdQWwAg==,type:str] + POSTGRES_USER: ENC[AES256_GCM,data:Nn/z7lM=,iv:dKWtnUEQe3SkK52RlUrpAbTd5wsjpQYrs7YfV/ApWS0=,tag:VvYdplwmDydOuSRlcFZ4Wg==,type:str] + POSTGRES_DB: ENC[AES256_GCM,data:KirGSs0=,iv:HML9Mr602Q5cq/bsAre9ZEGd5MRPoV6X1z/hFrBnXps=,tag:9AYWCE3zu4366hmmjqOjSw==,type:str] + POSTGRES_PASSWORD: ENC[AES256_GCM,data:6W/2Y6tOLX7cvPkQwKa/wAbRPmR6gv0IGebpVKBeYhI=,iv:4LdasOvdbz1LWEZRg/XS3VgWr+RRUJo+6WBo/KfSP3s=,tag:Q7J9DdRhJ8eaOj8FJ0gaOA==,type:str] + POSTGRES_URL: ENC[AES256_GCM,data:euphPEqVELj2apjqx271/l/AVtsLavJVga8vExTmIj+zKK4wOtHqtd2G81Xrncp5XQmFBXTDahmpAKWTRGp+86/9/0+wPaJnHAU9JhiMcNCP8WXp9ZT2hXnUEYOidmgPs+qBQC1khQ==,iv:ICvXmk8HL7FJxNc+twW9O23t63sjoMy/mtnkC2EwjKs=,tag:dBuljr3K6K8pKEo/xgSchg==,type:str] + REDIS_URL: ENC[AES256_GCM,data:q10Hug4vrMFw40Suo97fXw542dAJbHfOCuSTWmqt4LKJbephC62M6SVXpLmkKsD9JcPH8tMyRJwS8y3fKlQk9oVe5dKRukd8yymCdY9E8+NlkNQ/,iv:KU3uAbdZxlmjFVqYSkrgVxNY5JOVMzv46ML6BdfNGEY=,tag:baa7Mc/nkI52B6yn7z2JQw==,type:str] + RABBITMQ_URL: ENC[AES256_GCM,data:+nhJP6WAHhzQrb50/94J45zmkE8jZDcz7AaDGonSSccGHTmce+rni5UO8W6ZulFWmxTk+wwjV+qdhg7U5KjMdMzkpCSU/NCYPplaxGA7URjuo53zhGJuOOGfKe0=,iv:lsuCK3wa6AbORv6C7cYUUUoSpoIIt8jDLwlhokFPc48=,tag:+z+0ha3MkkH0ujV0Wt6ImA==,type:str] + MINIO_URL: ENC[AES256_GCM,data:kQQXnkudeXSrNn2yo8dggSgTzsC01nG0n6w=,iv:EELT/u0zFBcJ7QXuuInaWvFNyts5SIc6lt3aSCc/Ruw=,tag:0zLfOsen51DL9b03pnjl2A==,type:str] + MINIO_ACCESS_KEY: ENC[AES256_GCM,data:1kLGYIqAtJ5iRjBVSzGoqqFcjHA=,iv:ML19t7+8WUdKlH8zAgbod7YPmwviOa33ScTikblXdss=,tag:SCF2SN0tsKmz73HWgAuN+g==,type:str] + MINIO_SECRET_KEY: ENC[AES256_GCM,data:G12Vfhe/1jzLQVhSnczf24jzEea82wz072jlSoSbEQDovZTe7rrEDA==,iv:cDZ/AL0W/lAgteqDxokXSpC5cmwtuI9Myq5n2Efh8vA=,tag:NS/j7rBX+d9qImVGNE26lg==,type:str] sops: kms: [] gcp_kms: [] @@ -24,14 +24,14 @@ sops: - recipient: age19nu7uf8dageqlmzk23x7vl24fpn0l7cq20l3l4xxf2sk2xd5h98qss437p enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5cUNsRW9PaWtFTEJORDZx - eDBRdXg3QkhzMzFGVHJpTkZaK0wyYlNMdzJvCk1XZTUrNzJpZlZpWHRuUEVvekFF - QU12aVRoR3N6eUR6aHEwTWlIOU9SazQKLS0tIGU2ZmloNWxHRGFEQ1YwUjBONENS - bGxqQmhESjY2L01mSUVtYUdxVlpzR28KlXVdYP1I98OeiUi+h1+JHpm4/SS1OwiI - 4FfbygAqlk5xDMc7+rGvkeN82MMJTJf2FnIqtnYUlIBa+sh3A8L20Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPRmdKSUhCUzh2SDQyejgr + RExheE1SeVlvbFo5UTN5S3ZZZzg2U2NiblRnCnlKclEySjhoeXkwV3hJRFVHK3FW + QjRGYjBGcWNIS2xpVVVrTUdYcEsyM0EKLS0tIDNqTEZQdG9NbFYrdkJ0NlJodUp4 + aXNwMmNVc3VCWjRiZWcwZzdiZWhaczQKkU+/r7IJ//+BZ/RgB47jKhzT10D8vrWN + Rl+rEt6ASk7mBGn9Lz9rDyNZ2Kg9uhM0YnOcUDwdgmQZ8lKva2RZUQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-12-29T20:57:38Z" - mac: ENC[AES256_GCM,data:bTm/uac73fcZLlWKqRCtjdKTeHlwMcAnPiWBSOxs+BqXn0EeV65BL9oEJ/qpXPLyupvO2neUUnsrQawEo2G71m0voRrCxV3tAVfYgStQ+Ek/lJFdIlQxRrt9rIoSIc/eEeC6VYx90HHWO7gXT06B46fN66emxotY0IoG1BbWVRY=,iv:+d79pdiiRFxulpSn+4X5WTQo4xArwTHZjfYdW3s8YLE=,tag:V+WVxVWbY+hnpObNr63aCg==,type:str] + lastmodified: "2024-12-29T21:49:33Z" + mac: ENC[AES256_GCM,data:ZEX/4v6mB1OodHfiBLQzjtFYsW26KVqIPRtqNlW7jLVUZ+f4ZUSpGswIHoeSswH279xYs3cJC88YqzlK30sTEfdKYGGZzuPm5vZXOzjkAeW7/z2ChyNeMFGkBnca0Rz63mf16xKlHuv7niGpjDBg193RYpLKQLRnZNW5l9bRRS4=,iv:oyiFlkZHAjL4MXHUDud65rkjfzSPaCmoqHkmL7Pngmk=,tag:FNsVJCwK0T3QichbCs7ieg==,type:str] pgp: [] encrypted_regex: ^(data|stringData)$ version: 3.9.2 diff --git a/scripts/kubeconform.sh b/scripts/kubeconform.sh old mode 100644 new mode 100755