Add sealed secret for cluster-issuer

2022-06-04 15:36:03 +02:00
parent a5940a3bb6
commit 35e4ed430e
4 changed files with 58 additions and 0 deletions
--- a/infrastructure/cert-manager/create-secret.sh
+++ b/infrastructure/cert-manager/create-secret.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+echo "Encrypt secret with 'sealed-secrets'"
+kubectl -n default create secret generic cloudflare-api-token-secret \
+--from-literal=api-token="$1" \
+--namespace="cert-manager" \
+--dry-run=client \
+-o yaml > cloudflare-secret.yaml
+echo "secret: $1"
+kubeseal \
+  --format=yaml \
+  --controller-name=sealed-secrets \
+  --controller-namespace=kube-system \
+< cloudflare-secret.yaml > cloudflare-secret.sealed.yaml
+echo "Updated/created secret"
+rm cloudflare-secret.yaml