2021-05-12 08:30:05 -05:00
|
|
|
pull_secret = 'dockerconfigjson'
|
|
|
|
|
github_token = 'github_token'
|
2021-06-10 05:22:03 -05:00
|
|
|
drone_token = 'drone_token'
|
2021-11-30 04:53:07 -06:00
|
|
|
prerelease_bucket = 'prerelease_bucket'
|
2021-12-24 03:43:32 -06:00
|
|
|
gcp_upload_artifacts_key = 'gcp_upload_artifacts_key'
|
2022-11-08 04:27:54 -06:00
|
|
|
azure_sp_app_id = 'azure_sp_app_id'
|
|
|
|
|
azure_sp_app_pw = 'azure_sp_app_pw'
|
|
|
|
|
azure_tenant = 'azure_tenant'
|
2021-05-12 08:30:05 -05:00
|
|
|
|
|
|
|
|
def from_secret(secret):
|
|
|
|
|
return {
|
|
|
|
|
'from_secret': secret
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
def vault_secret(name, path, key):
|
|
|
|
|
return {
|
|
|
|
|
'kind': 'secret',
|
|
|
|
|
'name': name,
|
|
|
|
|
'get': {
|
|
|
|
|
'path': path,
|
|
|
|
|
'name': key,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
def secrets():
|
|
|
|
|
return [
|
|
|
|
|
vault_secret(pull_secret, 'secret/data/common/gcr', '.dockerconfigjson'),
|
2021-06-10 05:22:03 -05:00
|
|
|
vault_secret(github_token, 'infra/data/ci/github/grafanabot', 'pat'),
|
|
|
|
|
vault_secret(drone_token, 'infra/data/ci/drone', 'machine-user-token'),
|
2021-11-30 04:53:07 -06:00
|
|
|
vault_secret(prerelease_bucket, 'infra/data/ci/grafana/prerelease', 'bucket'),
|
2021-12-24 03:43:32 -06:00
|
|
|
vault_secret(gcp_upload_artifacts_key, 'infra/data/ci/grafana/releng/artifacts-uploader-service-account', 'credentials.json'),
|
2022-11-08 04:27:54 -06:00
|
|
|
vault_secret(azure_sp_app_id, 'infra/data/ci/datasources/cpp-azure-resourcemanager-credentials', 'application_id'),
|
|
|
|
|
vault_secret(azure_sp_app_pw, 'infra/data/ci/datasources/cpp-azure-resourcemanager-credentials', 'application_secret'),
|
|
|
|
|
vault_secret(azure_tenant, 'infra/data/ci/datasources/cpp-azure-resourcemanager-credentials', 'tenant_id'),
|
2022-09-01 06:13:44 -05:00
|
|
|
|
|
|
|
|
# Package publishing
|
|
|
|
|
vault_secret('packages_gpg_public_key', 'infra/data/ci/packages-publish/gpg', 'public-key'),
|
|
|
|
|
vault_secret('packages_gpg_private_key', 'infra/data/ci/packages-publish/gpg', 'private-key'),
|
|
|
|
|
vault_secret('packages_gpg_passphrase', 'infra/data/ci/packages-publish/gpg', 'passphrase'),
|
|
|
|
|
vault_secret('packages_service_account', 'infra/data/ci/packages-publish/service-account', 'credentials.json'),
|
|
|
|
|
vault_secret('packages_access_key_id', 'infra/data/ci/packages-publish/bucket-credentials', 'AccessID'),
|
|
|
|
|
vault_secret('packages_secret_access_key', 'infra/data/ci/packages-publish/bucket-credentials', 'Secret'),
|
2021-05-12 08:30:05 -05:00
|
|
|
]
|
