Minor fixes and changes

ruzickap · ruzickap · commit 9cddf40a291b · 2022-09-14T07:08:13.000+02:00
diff --git a/.github/workflows/clusters-aws-reusable-workflow.yml b/.github/workflows/clusters-aws-reusable-workflow.yml
@@ -184,11 +184,13 @@ jobs:
 
           export KUBECONFIG="/tmp/kubeconfig-${CLUSTER_NAME}.conf"
           if aws eks update-kubeconfig --name "${CLUSTER_NAME}" --kubeconfig "${KUBECONFIG}" ; then
-            kubectl patch kustomization -n flux-system external-dns ingress-nginx cert-manager-certificate --type='json' -p='[{"op": "add", "path": "/spec/suspend", "value":true}]'
-            kubectl delete certificate -n cert-manager --all || true
-            kubectl delete deployments -n external-dns -l app.kubernetes.io/name=external-dns || true
-            kubectl delete service -n ingress-nginx -l app.kubernetes.io/component=controller || true
-            kubectl delete secrets.secretsmanager.aws.crossplane.io -n crossplane-system secretsmanager-kuard-secret || true
+            (
+              kubectl patch kustomization -n flux-system external-dns ingress-nginx cert-manager-certificate --type='json' -p='[{"op": "add", "path": "/spec/suspend", "value":true}]'
+              kubectl delete certificate -n cert-manager --all
+              kubectl delete deployments -n external-dns -l app.kubernetes.io/name=external-dns
+              kubectl delete service -n ingress-nginx -l app.kubernetes.io/component=controller
+              kubectl delete secrets.secretsmanager.aws.crossplane.io -n crossplane-system secretsmanager-kuard-secret
+            ) || true
             rm "${KUBECONFIG}"
           fi
 
diff --git a/clusters/aws-dev-mgmt/mgmt01.k8s.use1.dev.proj.aws.mylabs.dev/flux/cluster-apps-kustomization.yaml b/clusters/aws-dev-mgmt/mgmt01.k8s.use1.dev.proj.aws.mylabs.dev/flux/cluster-apps-kustomization.yaml
@@ -25,3 +25,5 @@ spec:
         name: cluster-apps-secrets
       - kind: Secret
         name: cluster-apps-group-secrets
+  decryption:
+    provider: sops
diff --git a/clusters/aws-dev-mgmt/mgmt02.k8s.use1.dev.proj.aws.mylabs.dev/flux/cluster-apps-kustomization.yaml b/clusters/aws-dev-mgmt/mgmt02.k8s.use1.dev.proj.aws.mylabs.dev/flux/cluster-apps-kustomization.yaml
@@ -25,3 +25,5 @@ spec:
         name: cluster-apps-secrets
       - kind: Secret
         name: cluster-apps-group-secrets
+  decryption:
+    provider: sops
diff --git a/flux/cluster-apps/flux-receiver/flux-receiver-kustomization/flux-receiver-github-webhook-token-secret.yaml b/flux/cluster-apps/flux-receiver/flux-receiver-kustomization/flux-receiver-github-webhook-token-secret.yaml
@@ -4,4 +4,4 @@ metadata:
   name: github-webhook-token
   namespace: flux-system
 data:
-  token: ${GITHUB_WEBHOOK_TOKEN_BASE64}
+  token: ${FLUX_GITHUB_WEBHOOK_TOKEN_BASE64}
diff --git a/terraform/aws-mgmt/data.tf b/terraform/aws-mgmt/data.tf
@@ -34,7 +34,7 @@ data "http" "argo-cd_core-install" {
 }
 
 data "kubectl_file_documents" "argo-cd_core-install" {
-  content = data.http.argo-cd_core-install.body
+  content = data.http.argo-cd_core-install.response_body
 }
 
 # ---------------------------------------------------------------------------------------------------------------------
diff --git a/terraform/aws-mgmt/eks.tf b/terraform/aws-mgmt/eks.tf
@@ -530,17 +530,17 @@ resource "kubernetes_secret" "flux_cluster_apps_terraform_secret" {
   }
 
   data = {
-    AWS_ACCOUNT_ID              = data.aws_caller_identity.current.account_id
-    AWS_DEFAULT_REGION          = var.aws_default_region
-    AWS_PARTITION               = data.aws_partition.current.id
-    CLUSTER_FQDN                = var.cluster_fqdn
-    CLUSTER_NAME                = local.cluster_name
-    ROOT_DOMAIN                 = local.root_domain
-    CLUSTER_PATH                = var.cluster_path
-    EMAIL                       = var.email
-    ENVIRONMENT                 = var.environment
-    GITHUB_WEBHOOK_TOKEN_BASE64 = base64encode(random_id.github_webhook_flux_secret.hex)
-    LETSENCRYPT_ENVIRONMENT     = var.letsencrypt_environment
+    AWS_ACCOUNT_ID                   = data.aws_caller_identity.current.account_id
+    AWS_DEFAULT_REGION               = var.aws_default_region
+    AWS_PARTITION                    = data.aws_partition.current.id
+    CLUSTER_FQDN                     = var.cluster_fqdn
+    CLUSTER_NAME                     = local.cluster_name
+    ROOT_DOMAIN                      = local.root_domain
+    CLUSTER_PATH                     = var.cluster_path
+    EMAIL                            = var.email
+    ENVIRONMENT                      = var.environment
+    FLUX_GITHUB_WEBHOOK_TOKEN_BASE64 = base64encode(random_id.github_webhook_flux_secret.hex)
+    LETSENCRYPT_ENVIRONMENT          = var.letsencrypt_environment
     # Environment=dev,Team=test
     TAGS_INLINE = local.tags_inline
   }

Original file line number	Diff line number	Diff line change
`@@ -34,7 +34,7 @@ data "http" "argo-cd_core-install" {`
`34`	`34`	`}`
`35`	`35`
`36`	`36`	`data "kubectl_file_documents" "argo-cd_core-install" {`
`37`		`- content = data.http.argo-cd_core-install.body`
	`37`	`+ content = data.http.argo-cd_core-install.response_body`
`38`	`38`	`}`
`39`	`39`
`40`	`40`	`# ---------------------------------------------------------------------------------------------------------------------`