k8s.io/test-infra@v0.0.0-20240520184403-27c6b4c223d8/config/prow/cluster/kubernetes_external_secrets.yaml

k8s.io/test-infra@v0.0.0-20240520184403-27c6b4c223d8/config/prow/cluster/kubernetes_external_secrets.yaml (about)

     1  # This is a place holder for adding kubernetes external secrets, please add the
     2  # ExternalSecret CR here, separated by `---`.
     3  ---
     4  apiVersion: kubernetes-client.io/v1
     5  kind: ExternalSecret
     6  metadata:
     7    name: service-account
     8    namespace: test-pods
     9  spec:
    10    backendType: gcpSecretsManager
    11    projectId: k8s-prow-builds
    12    data:
    13    - key: default-k8s-build-cluster-service-account-key
    14      name: service-account.json
    15      version: latest
    16  ---
    17  apiVersion: kubernetes-client.io/v1
    18  kind: ExternalSecret
    19  metadata:
    20    name: prometheus-alert-slack-post-prow-alerts-secret-url
    21    namespace: prow-monitoring
    22  spec:
    23    backendType: gcpSecretsManager
    24    projectId: k8s-prow
    25    data:
    26    - key: prometheus-alert-slack-post-prow-alerts-secret-url
    27      name: url
    28      version: latest
    29  ---
    30  apiVersion: kubernetes-client.io/v1
    31  kind: ExternalSecret
    32  metadata:
    33    name: prometheus-alert-slack-post-testing-ops-secret-url
    34    namespace: prow-monitoring
    35  spec:
    36    backendType: gcpSecretsManager
    37    projectId: k8s-prow
    38    data:
    39    - key: prometheus-alert-slack-post-testing-ops-secret-url
    40      name: url
    41      version: latest
    42  ---
    43  apiVersion: kubernetes-client.io/v1
    44  kind: ExternalSecret
    45  metadata:
    46    name: grafana
    47    namespace: prow-monitoring
    48  spec:
    49    backendType: gcpSecretsManager
    50    projectId: k8s-prow
    51    data:
    52    - key: gke_k8s-prow_us-central1-f_prow__prow-monitoring__grafana
    53      name: password
    54      version: latest
    55  ---
    56  apiVersion: kubernetes-client.io/v1
    57  kind: ExternalSecret
    58  metadata:
    59    name: k8s-infra-cherrypick-robot-github-token  # The name of the K8s Secret
    60    namespace: default
    61  spec:
    62    backendType: gcpSecretsManager
    63    projectId: kubernetes-public
    64    data:
    65    - key: k8s-infra-cherrypick-robot-github-token # The name of the GSM Secret
    66      name: token                                  # The key to write in the K8s Secret
    67      version: latest
    68  ---
    69  apiVersion: kubernetes-client.io/v1
    70  kind: ExternalSecret
    71  metadata:
    72    name: kubeconfig-prow-services
    73    namespace: test-pods
    74  spec:
    75    backendType: gcpSecretsManager
    76    projectId: k8s-prow
    77    data:
    78    - key: gke_k8s-prow_us-central1-f_prow__default__prow-services
    79      name: config
    80      version: latest
    81  ---
    82  apiVersion: kubernetes-client.io/v1
    83  kind: ExternalSecret
    84  metadata:
    85    name: kubeconfig-build-test-infra-trusted
    86    namespace: default
    87  spec:
    88    backendType: gcpSecretsManager
    89    projectId: k8s-prow
    90    data:
    91    - key: prow_build_cluster_kubeconfig_test-infra-trusted
    92      name: kubeconfig
    93      version: latest
    94  ---
    95  apiVersion: kubernetes-client.io/v1
    96  kind: ExternalSecret
    97  metadata:
    98    name: kubeconfig-build-k8s-prow-builds
    99    namespace: default
   100  spec:
   101    backendType: gcpSecretsManager
   102    projectId: k8s-prow
   103    data:
   104    - key: gke_k8s-prow-builds_us-central1-f_prow__default__build-k8s-prow-builds
   105      name: kubeconfig
   106      version: latest
   107  ---
   108  apiVersion: kubernetes-client.io/v1
   109  kind: ExternalSecret
   110  metadata:
   111    name: kubeconfig-build-rules-k8s
   112    namespace: default
   113  spec:
   114    backendType: gcpSecretsManager
   115    projectId: k8s-prow
   116    data:
   117    - key: gke_rules-k8s_us-central1-f_testing__default__build-rules-k8s
   118      name: kubeconfig
   119      version: latest
   120  ---
   121  apiVersion: kubernetes-client.io/v1
   122  kind: ExternalSecret
   123  metadata:
   124    name: cluster-api-provider-digitalocean-quayio
   125    namespace: default
   126  spec:
   127    backendType: gcpSecretsManager
   128    projectId: k8s-infra-prow-build-trusted
   129    data:
   130    - key: capdo-quayio-registry-secret
   131      name: config.json
   132      version: latest
   133  ---
   134  apiVersion: kubernetes-client.io/v1
   135  kind: ExternalSecret
   136  metadata:
   137    name: kubeconfig-eks-prow-build-cluster
   138    namespace: default
   139  spec:
   140    backendType: gcpSecretsManager
   141    projectId: k8s-infra-prow-build-trusted
   142    data:
   143    - key: eks-prow-build-cluster-kubeconfig
   144      name: kubeconfig
   145      version: latest
   146  ---
   147  apiVersion: kubernetes-client.io/v1
   148  kind: ExternalSecret
   149  metadata:
   150    name: kubeconfig-k8s-infra-kops-prow-build
   151    namespace: default
   152  spec:
   153    backendType: gcpSecretsManager
   154    projectId: k8s-infra-prow-build-trusted
   155    data:
   156    - key: k8s-infra-kops-prow-build-kubeconfig
   157      name: kubeconfig
   158      version: latest