viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

deploy Sealed Secrets controller for encrypted secret management

Browse source 
Adds Sealed Secrets (Bitnami) to the platform stack so cluster users can
encrypt secrets with a public key and commit SealedSecret YAMLs to git.
The in-cluster controller decrypts them into regular K8s Secrets.

- New module: sealed-secrets (namespace + Helm chart v2.18.3, cluster tier)
- k8s-portal setup script: adds kubeseal CLI install for Linux and Mac
This commit is contained in:
Viktor Barzin 2026-03-08 19:49:48 +00:00
parent d352d6e7f8
commit 6b3e84f465
3 changed files with 76 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
stacks/platform/main.tf
View file

@ -432,6 +432,14 @@ module "cnpg" {
tier = local.tiers.cluster
}
# -----------------------------------------------------------------------------
# Sealed Secrets encrypts secrets for safe git storage
# -----------------------------------------------------------------------------
module "sealed-secrets" {
source = "./modules/sealed-secrets"
tier = local.tiers.cluster
}
# -----------------------------------------------------------------------------
# NVIDIA GPU device plugin
# -----------------------------------------------------------------------------