Configuration for the staging k8s clusters used by weave-gitops.
The clusters created by this repo are for testing/staging purposes only. They are not production-worthy.
The bulk of the important configuration is in these two directories:
The setup directory contains small bits of terraform for shared resources (e.g. container registries, terraform state buckets). You probably don't need to make changes here.
Each directory contains a README describing how that section of the project should be deployed/used.
Required
Nice to have:
We use sops to encrypt secrets such that they can be accessed by flux and turned into kubernetes secrets in the relevant cluster.
The .sops.yaml
file defines creation rules that will automatically encrypt
new files added to any directory that matches k8s/secrets/gke-*
.
It is recommended that any files you decrypt you add a *.dec
or *.dec.*
suffix to (e.g. foo.dec.yaml
) so git will automatically ignore them.
# Create or update a secret
$ sops k8s/secrets/gke-europe-west1/new-secret.yaml
# Decrypt a secret to the terminal
$ sops -d k8s/secrets/gke-europe-west1/old-secret.yaml
# Decrypt a secret to a file
$ sops -d k8s/secrets/gke-europe-west1/old-secret.yaml > k8s/secrets/gke-europe-west1/old-secret.dec.yaml
This repository uses pre-commit hooks
to run various linting tasks. They pre-commit program can be installed via
pip
or brew
:
$ pip install pre-commit
# or
$ brew install pre-commit
The hooks themselves are then added to your .git/hooks
directory:
$ pre-commit install
The first time the hooks run will take a little longer than usual as the scripts get installed.
They can be run manually:
$ pre-commit run --all
or they will run automatically whenever you run commit, e.g.:
$ git commit -m "Frobulate the changes"
Trim Trailing Whitespace.................................................Passed
Fix End of Files.........................................................Passed
Check Yaml...............................................................Passed
Check for added large files..............................................Passed
Terraform fmt........................................(no files to check)Skipped
Terraform validate...................................(no files to check)Skipped
[setup eda4e7a] Frobulate the changes
1 file changed, 42 insertions(+), 69 deletions(-)
rewrite .pre-commit-config.yaml (64%)