fix

tunacinsoy · Aug 23, 2024 · 5a5f027 · 5a5f027
1 parent 93c7ea6
commit 5a5f027
Show file tree

Hide file tree

Showing 2 changed files with 81 additions and 59 deletions.
diff --git a/manifests/blog-app/mongodb-creds-external.yaml b/manifests/blog-app/mongodb-creds-external.yaml
@@ -0,0 +1,22 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: mongodb-creds-external
+  namespace: blog-app
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: gcp-backend
+  target:
+  # Specifies the name of the secret resource that will be created with this externalSecret object
+    name: mongodb-creds-external
+    namespace: blog-app
+  data:
+  - secretKey: MONGO_INITDB_ROOT_USERNAME
+    remoteRef:
+      key: external-secrets
+      property:  MONGO_INITDB_ROOT_USERNAME
+  - secretKey: MONGO_INITDB_ROOT_PASSWORD
+    remoteRef:
+      key: external-secrets
+      property:  MONGO_INITDB_ROOT_PASSWORD
diff --git a/terraform/app.tf b/terraform/app.tf
@@ -1,60 +1,60 @@
-# This hcl file is responsible for the configuration deployment that will be used by ArgoCD
-
-# ApplicationSet resource for the applications that argoCD will manage
-data "kubectl_file_documents" "apps" {
-  content = file("../manifests/argocd/apps.yaml")
-}
-
-resource "kubectl_manifest" "apps" {
-  # Needs to depend on argocd deployment, since we'll configure it after deployment finishes
-  depends_on = [kubectl_manifest.argocd]
-  # for_each iterates over each manifest in the namespace file
-  for_each           = data.kubectl_file_documents.apps.manifests
-  # Applies the content of each manifest to the Kubernetes cluster
-  yaml_body          = each.value
-  # Forces the namespace to be set to argocd, ensuring that all resources are created in the correct namespace
-  override_namespace = "argocd"
-}
-
-# MANAGING SECRETS USING External Secrets
-# External-Secrets operator for the retrieval of secrets
-data "kubectl_file_documents" "external-secrets" {
-  content = file("../manifests/argocd/external-secrets.yaml")
-}
-
-resource "kubectl_manifest" "external-secrets" {
-  # It needs to depend on argocd creation, since we'll deploy external-secrets right after argocd gets created
-  depends_on = [
-    kubectl_manifest.argocd,
-  ]
-  # for_each iterates over each manifest in the namespace file
-  for_each = data.kubectl_file_documents.external-secrets.manifests
-  # Applies the content of each manifest to the Kubernetes cluster
-  yaml_body = each.value
-  # Forces the namespace to be set to argocd, ensuring that all resources are created in the correct namespace
-  override_namespace = "argocd"
-}
-
-# # File that holds the secret resource that have service account credentials
-data "kubectl_file_documents" "gcpsm-secret" {
-    content = file("../manifests/argocd/gcpsm-secret.yaml")
-}
-
-resource "kubectl_manifest" "gcpsm-secret" {
-  for_each  = data.kubectl_file_documents.gcpsm-secret.manifests
-  yaml_body = each.value
-}
-
-# SecretStore resource that uses secret resource to retrieve external secrets
-data "kubectl_file_documents" "secret-store" {
-    content = file("../manifests/argocd/secret-store.yaml")
-}
-
-resource "kubectl_manifest" "secret-store" {
-  depends_on = [
-    kubectl_manifest.gcpsm-secret,
-  ]
-  for_each  = data.kubectl_file_documents.secret-store.manifests
-  yaml_body = each.value
-}
+# # This hcl file is responsible for the configuration deployment that will be used by ArgoCD
+
+# # ApplicationSet resource for the applications that argoCD will manage
+# data "kubectl_file_documents" "apps" {
+#   content = file("../manifests/argocd/apps.yaml")
+# }
+
+# resource "kubectl_manifest" "apps" {
+#   # Needs to depend on argocd deployment, since we'll configure it after deployment finishes
+#   depends_on = [kubectl_manifest.argocd]
+#   # for_each iterates over each manifest in the namespace file
+#   for_each           = data.kubectl_file_documents.apps.manifests
+#   # Applies the content of each manifest to the Kubernetes cluster
+#   yaml_body          = each.value
+#   # Forces the namespace to be set to argocd, ensuring that all resources are created in the correct namespace
+#   override_namespace = "argocd"
+# }
+
+# # MANAGING SECRETS USING External Secrets
+# # External-Secrets operator for the retrieval of secrets
+# data "kubectl_file_documents" "external-secrets" {
+#   content = file("../manifests/argocd/external-secrets.yaml")
+# }
+
+# resource "kubectl_manifest" "external-secrets" {
+#   # It needs to depend on argocd creation, since we'll deploy external-secrets right after argocd gets created
+#   depends_on = [
+#     kubectl_manifest.argocd,
+#   ]
+#   # for_each iterates over each manifest in the namespace file
+#   for_each = data.kubectl_file_documents.external-secrets.manifests
+#   # Applies the content of each manifest to the Kubernetes cluster
+#   yaml_body = each.value
+#   # Forces the namespace to be set to argocd, ensuring that all resources are created in the correct namespace
+#   override_namespace = "argocd"
+# }
+
+# # # File that holds the secret resource that have service account credentials
+# data "kubectl_file_documents" "gcpsm-secret" {
+#     content = file("../manifests/argocd/gcpsm-secret.yaml")
+# }
+
+# resource "kubectl_manifest" "gcpsm-secret" {
+#   for_each  = data.kubectl_file_documents.gcpsm-secret.manifests
+#   yaml_body = each.value
+# }
+
+# # SecretStore resource that uses secret resource to retrieve external secrets
+# data "kubectl_file_documents" "secret-store" {
+#     content = file("../manifests/argocd/secret-store.yaml")
+# }
+
+# resource "kubectl_manifest" "secret-store" {
+#   depends_on = [
+#     kubectl_manifest.gcpsm-secret,
+#   ]
+#   for_each  = data.kubectl_file_documents.secret-store.manifests
+#   yaml_body = each.value
+# }