Closed yaroslav-svirida closed 1 year ago
this file is encoded with the help of gpg key. I did like that gpg --recipient q --encrypt secrets.yaml. This file keep encoded information (����N����l�Nd�n�5ڽ�+�����f���"c���L+'Hg(�����Pgfkr9��c�p&��|�k�'��1m���v}-��e<o�C��]�Qي�����w(���%w� oS1]w��w���@&�[���u�iQ=수��q W�wW���T+Bo�tR��L`��m�w6t1g����a���/����o���2����oRT��z� P�\��4�[����b�T��K�2�0�&�;�ka��~y���*��� �秎���Żf�c�`��X�b��2��@Na�#��J|�~��-�BB��"=�J�5���J-�a�V� �,6.�73B�}���9K$}>\̆�Dz��� ���a>������I��%c�KS4�p��;C���h�.�����h�R@g\�2 �'Kg�o�rȅ) I couldn't find the way in your article and searched in google( Сould you tell me how to do it better?
I changed the encription. I created .sops.yaml and encrypted like this helm secrets encrypt secrets.yaml > templates/secrets.yaml. Now I have this mistake: ............failed exit status 1: No keys found in file [helm-secrets] Error while decrypting file: .Chart_34/templates/secrets.yaml Error: plugin "secrets" exited with error.
please tell me what is wrong?((
just dont do that.
dont encrypt files in templates/ dir. Only encrypting value files are support. create a secrets.yaml next to you values.yaml and pass the secret file to helm template . -f secrets://secrets.yaml
follow the guide from https://medium.com/@mprzygrodzki/argocd-with-helm-secrets-and-kms-encryption-1f0944728873
he is not encrypt files from template dir
please tell me what is wrong?((
This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.
Current Behavior
rpc error: code = Unknown desc =
helm template . --name-template demo-app --namespace demo --kube-version 1.26 --values .Chart_34/templates/secrets.yaml --api-versions admissionregistration.k8s.io/v1 --api-versions admissionregistration.k8s.io/v1/MutatingWebhookConfiguration --api-versions admissionregistration.k8s.io/v1/ValidatingWebhookConfiguration --api-versions apiextensions.k8s.io/v1 --api-versions apiextensions.k8s.io/v1/CustomResourceDefinition --api-versions apiregistration.k8s.io/v1 --api-versions apiregistration.k8s.io/v1/APIService --api-versions apps/v1 --api-versions apps/v1/ControllerRevision --api-versions apps/v1/DaemonSet --api-versions apps/v1/Deployment --api-versions apps/v1/ReplicaSet --api-versions apps/v1/StatefulSet --api-versions argoproj.io/v1alpha1 --api-versions argoproj.io/v1alpha1/AppProject --api-versions argoproj.io/v1alpha1/Application --api-versions argoproj.io/v1alpha1/ApplicationSet --api-versions autoscaling/v1 --api-versions autoscaling/v1/HorizontalPodAutoscaler --api-versions autoscaling/v2 --api-versions autoscaling/v2/HorizontalPodAutoscaler --api-versions batch/v1 --api-versions batch/v1/CronJob --api-versions batch/v1/Job --api-versions certificates.k8s.io/v1 --api-versions certificates.k8s.io/v1/CertificateSigningRequest --api-versions coordination.k8s.io/v1 --api-versions coordination.k8s.io/v1/Lease --api-versions discovery.k8s.io/v1 --api-versions discovery.k8s.io/v1/EndpointSlice --api-versions events.k8s.io/v1 --api-versions events.k8s.io/v1/Event --api-versions flowcontrol.apiserver.k8s.io/v1beta2 --api-versions flowcontrol.apiserver.k8s.io/v1beta2/FlowSchema --api-versions flowcontrol.apiserver.k8s.io/v1beta2/PriorityLevelConfiguration --api-versions flowcontrol.apiserver.k8s.io/v1beta3 --api-versions flowcontrol.apiserver.k8s.io/v1beta3/FlowSchema --api-versions flowcontrol.apiserver.k8s.io/v1beta3/PriorityLevelConfiguration --api-versions networking.k8s.io/v1 --api-versions networking.k8s.io/v1/Ingress --api-versions networking.k8s.io/v1/IngressClass --api-versions networking.k8s.io/v1/NetworkPolicy --api-versions node.k8s.io/v1 --api-versions node.k8s.io/v1/RuntimeClass --api-versions policy/v1 --api-versions policy/v1/PodDisruptionBudget --api-versions rbac.authorization.k8s.io/v1 --api-versions rbac.authorization.k8s.io/v1/ClusterRole --api-versions rbac.authorization.k8s.io/v1/ClusterRoleBinding --api-versions rbac.authorization.k8s.io/v1/Role --api-versions rbac.authorization.k8s.io/v1/RoleBinding --api-versions scheduling.k8s.io/v1 --api-versions scheduling.k8s.io/v1/PriorityClass --api-versions storage.k8s.io/v1 --api-versions storage.k8s.io/v1/CSIDriver --api-versions storage.k8s.io/v1/CSINode --api-versions storage.k8s.io/v1/CSIStorageCapacity --api-versions storage.k8s.io/v1/StorageClass --api-versions storage.k8s.io/v1/VolumeAttachment --api-versions storage.k8s.io/v1beta1 --api-versions storage.k8s.io/v1beta1/CSIStorageCapacity --api-versions v1 --api-versions v1/ConfigMap --api-versions v1/Endpoints --api-versions v1/Event --api-versions v1/LimitRange --api-versions v1/Namespace --api-versions v1/Node --api-versions v1/PersistentVolume --api-versions v1/PersistentVolumeClaim --api-versions v1/Pod --api-versions v1/PodTemplate --api-versions v1/ReplicationController --api-versions v1/ResourceQuota --api-versions v1/Secret --api-versions v1/Service --api-versions v1/ServiceAccount --include-crds
failed exit status 1: Error: failed to parse .Chart_34/templates/secrets.yaml: error converting YAML to JSON: yaml: invalid leading UTF-8 octet Error: plugin "secrets" exited with errorExpected Behavior
No response
Steps To Reproduce
Environment
Anything else?
all code here https://github.com/yaroslav-svirida/task34_argocd
please tell me what is wrong?((