From 21af7fe05d4148c9da66fa5b6f47d160fb1e4b85 Mon Sep 17 00:00:00 2001 From: Louise Huyton Date: Wed, 15 Jan 2025 13:17:19 +0000 Subject: [PATCH] Test script after some additional cleanup steps and terminal output --- apps/toffee/dev/aso/toffee-postgres.yaml | 10 ++++++++ apps/toffee/dev/base/kustomization.yaml | 5 ++++ .../dev/sops-secrets/kustomization.yaml | 5 ++++ .../recipe-backend-values.enc.yaml | 25 +++++++++++++++++++ 4 files changed, 45 insertions(+) create mode 100644 apps/toffee/dev/aso/toffee-postgres.yaml create mode 100644 apps/toffee/dev/sops-secrets/kustomization.yaml create mode 100644 apps/toffee/dev/sops-secrets/recipe-backend-values.enc.yaml diff --git a/apps/toffee/dev/aso/toffee-postgres.yaml b/apps/toffee/dev/aso/toffee-postgres.yaml new file mode 100644 index 00000000000..1ec567081db --- /dev/null +++ b/apps/toffee/dev/aso/toffee-postgres.yaml @@ -0,0 +1,10 @@ +apiVersion: dbforpostgresql.azure.com/v1api20230601preview +kind: FlexibleServer +metadata: + name: ${NAMESPACE}-${ENVIRONMENT} + namespace: ${NAMESPACE} +spec: + version: "16" + sku: + name: Standard_D2ds_v5 + tier: GeneralPurpose diff --git a/apps/toffee/dev/base/kustomization.yaml b/apps/toffee/dev/base/kustomization.yaml index 112515dd5d2..dce90c433fc 100644 --- a/apps/toffee/dev/base/kustomization.yaml +++ b/apps/toffee/dev/base/kustomization.yaml @@ -5,7 +5,12 @@ resources: - ../../../base/workload-identity - ../../identity/toffee-azure-identity.yaml - ../../identity/apple-azure-identity.yaml + - ../../../azureserviceoperator-system/resources/resource-group.yaml + - ../../../azureserviceoperator-system/resources/flexibleserver-postgres.yaml + - ../../../azureserviceoperator-system/resources/flexibleserver-postgres-config.yaml + - ../sops-secrets namespace: toffee patches: + - path: ../aso/toffee-postgres.yaml - path: ../../serviceaccount/stg.yaml - path: ../../identity/dev.yaml \ No newline at end of file diff --git a/apps/toffee/dev/sops-secrets/kustomization.yaml b/apps/toffee/dev/sops-secrets/kustomization.yaml new file mode 100644 index 00000000000..cd2480c56f0 --- /dev/null +++ b/apps/toffee/dev/sops-secrets/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - recipe-backend-values.enc.yaml +namespace: toffee diff --git a/apps/toffee/dev/sops-secrets/recipe-backend-values.enc.yaml b/apps/toffee/dev/sops-secrets/recipe-backend-values.enc.yaml new file mode 100644 index 00000000000..b06f7d2bd32 --- /dev/null +++ b/apps/toffee/dev/sops-secrets/recipe-backend-values.enc.yaml @@ -0,0 +1,25 @@ +apiVersion: v1 +data: + PASSWORD: ENC[AES256_GCM,data:rr1AtUPpyTAQpQ3Mig+E3VnqwjS50j31,iv:DFiGiArCmdjAEu5x1WCkmOp45m4XrwkcX7Jushxmr6Y=,tag:yrfgg8NMjpbWEKpEgq88xA==,type:str] +kind: Secret +metadata: + creationTimestamp: null + name: postgres + namespace: toffee +type: Opaque +sops: + kms: [] + gcp_kms: [] + azure_kv: + - vault_url: https://dtssharedservicesdevkv.vault.azure.net + name: sops-key + version: 2beba064ddfe454482ad0133af2cf0fd + created_at: "2025-01-15T13:15:31Z" + enc: mattmh0hf8pQQGyEWxkUcYB-alAhjik67LiWuFRo2NBUsGwwKROr8up2FtMLld5QhcHIoEBPgIj6NJ7vST6kMgpW2xA5_ZijD3RTVyKXzHAoyIKhgVUByngkl9mur7iIw7p-ns0mvQ-pn37roAjN7PSk6v7jPAvW0OUmyMg_e6Mu3vW4i7irh2OwBAG3q3pA60vayVI9ASYgUYNS-NTfdyR9_kzRZWRshwgiIwWt0YSrOf3vR0JO7oU0nVfY9hq7dIFdbvJIsug0MR1pGHyzNyK3mYj9L_PtUk28alAL_JCF2ss4J08zI9FiFBvGDjSNk6jK0czua_FTg4Q7WVw8zw + hc_vault: [] + age: [] + lastmodified: "2025-01-15T13:15:36Z" + mac: ENC[AES256_GCM,data:asR82GZipXecCTObmarp4AtYN8JhS7tn81XDQtMksFdgQslTrBFaupi4CPA3wNkDEnxr8ztL/GZBeTdEjYhdLr0pjgK22pl9+BSj3nFnCJGLmDGqPd4ditlx0ruEjNkwN3un12JXP2S+wyu5LL0K1r7lTihQlR1DZ0ZzwVPcWl8=,iv:pOHKGvChmeVPt4P2cPJ6h+629iVZ+0Z/XmItKrQJII8=,tag:Rl75tU3VN0Gy8rzlzfUaBQ==,type:str] + pgp: [] + encrypted_regex: ^(data|stringData)$ + version: 3.9.1