From 954af9cd0bd49463d8a06eb0ea91603e55646aa1 Mon Sep 17 00:00:00 2001 From: sahil sharma Date: Mon, 9 Mar 2026 16:59:55 +0000 Subject: [PATCH 1/3] Adds config files to setup vault and create client secrets --- .../ua/user-exchange-client-secrets/app.yaml | 38 +++++++++++++++++++ .../.helmignore | 23 +++++++++++ .../Chart.yaml | 24 ++++++++++++ .../templates/static-secret.yaml | 18 +++++++++ .../values.yaml | 4 ++ 5 files changed, 107 insertions(+) create mode 100644 argocd/dev/ua/user-exchange-client-secrets/app.yaml create mode 100644 components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/.helmignore create mode 100644 components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/Chart.yaml create mode 100644 components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/templates/static-secret.yaml create mode 100644 components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/values.yaml diff --git a/argocd/dev/ua/user-exchange-client-secrets/app.yaml b/argocd/dev/ua/user-exchange-client-secrets/app.yaml new file mode 100644 index 00000000..32e2faff --- /dev/null +++ b/argocd/dev/ua/user-exchange-client-secrets/app.yaml @@ -0,0 +1,38 @@ +apiVersion: argoproj.io/v1alpha1 +kind: ApplicationSet +metadata: + name: user-exchange-client-secret + namespace: argocd +spec: + goTemplate: true + goTemplateOptions: ["missingkey=error"] + generators: + - list: + elements: + # Names of clusters to deploy the app to + - name: dev-v3 + # Uncomment if you want to deploy to dev-microk8s-alternative + #- name: dev-microk8s-alternative + template: + metadata: + name: '{{.name}}-user-exchange-client-secret' + annotations: + argocd.argoproj.io/sync-wave: "0" + notifications.argoproj.io/subscribe.on-sync-failed.smtp-ua: users-and-auth-team@stfc365.onmicrosoft.com + notifications.argoproj.io/subscribe.on-health-degraded.smtp-ua: users-and-auth-team@stfc365.onmicrosoft.com + notifications.argoproj.io/subscribe.on-sync-status-unknown.smtp-ua: users-and-auth-team@stfc365.onmicrosoft.com + spec: + project: u-a-project + source: + path: components/ua/user-exchange-client/user-exchage-client-secret-chart + repoURL: 'https://github.com/isisbusapps/gitops' + targetRevision: main + helm: + valueFiles: + - values-dev.yaml + destination: + namespace: apps + name: '{{.name}}' + syncPolicy: + automated: + selfHeal: true \ No newline at end of file diff --git a/components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/.helmignore b/components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/Chart.yaml b/components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/Chart.yaml new file mode 100644 index 00000000..15400498 --- /dev/null +++ b/components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: user-exchange-client-secret-chart +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/templates/static-secret.yaml b/components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/templates/static-secret.yaml new file mode 100644 index 00000000..bc8ce642 --- /dev/null +++ b/components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/templates/static-secret.yaml @@ -0,0 +1,18 @@ +{{- range .Values.clients.name }} +apiVersion: secrets.hashicorp.com/v1beta1 +kind: VaultStaticSecret +metadata: + name: user-exchange-client-{{ . }} + namespace: apps +spec: + type: kv-v2 + refreshAfter: 30s + vaultAuthRef: static-auth + mount: user-exchange + path: dev/client/{{ . }} + destination: + name: user-exchange-client-{{ . }} + overwrite: true + create: true +--- +{{- end }} \ No newline at end of file diff --git a/components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/values.yaml b/components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/values.yaml new file mode 100644 index 00000000..bb1acbc1 --- /dev/null +++ b/components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/values.yaml @@ -0,0 +1,4 @@ +clients: + name: + - users + - facilities-eras \ No newline at end of file From 630390c976151184f3295e6769688e8325e27052 Mon Sep 17 00:00:00 2001 From: sahil sharma Date: Mon, 9 Mar 2026 17:02:26 +0000 Subject: [PATCH 2/3] renamed values to values-dev --- .../{values.yaml => values-dev.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/{values.yaml => values-dev.yaml} (100%) diff --git a/components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/values.yaml b/components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/values-dev.yaml similarity index 100% rename from components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/values.yaml rename to components/ua/user-exchange-client-secret/user-exchange-client-secret-chart/values-dev.yaml From 4522003a658833ee6ce45ce40853444f8104854f Mon Sep 17 00:00:00 2001 From: sahil sharma Date: Mon, 9 Mar 2026 17:12:17 +0000 Subject: [PATCH 3/3] updates source path --- argocd/dev/ua/user-exchange-client-secrets/app.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/argocd/dev/ua/user-exchange-client-secrets/app.yaml b/argocd/dev/ua/user-exchange-client-secrets/app.yaml index 32e2faff..380a7bca 100644 --- a/argocd/dev/ua/user-exchange-client-secrets/app.yaml +++ b/argocd/dev/ua/user-exchange-client-secrets/app.yaml @@ -24,7 +24,7 @@ spec: spec: project: u-a-project source: - path: components/ua/user-exchange-client/user-exchage-client-secret-chart + path: components/ua/user-exchange-client-secret/user-exchange-client-secret-chart repoURL: 'https://github.com/isisbusapps/gitops' targetRevision: main helm: