diff --git a/docs/appconfig.md b/docs/appconfig.md index 4af50b6..dd83d10 100644 --- a/docs/appconfig.md +++ b/docs/appconfig.md @@ -1,6 +1,6 @@ ## Application Definition -Here is a list of available configuration options inside the `apps` array.o +Here is a list of available configuration options inside the `apps` array. ### Required diff --git a/docs/assets/heqet-overview.jpg b/docs/assets/heqet-overview.jpg new file mode 100644 index 0000000..aa8ef84 Binary files /dev/null and b/docs/assets/heqet-overview.jpg differ diff --git a/docs/generators/vault.md b/docs/generators/vault.md index e1af4a0..3792339 100644 --- a/docs/generators/vault.md +++ b/docs/generators/vault.md @@ -1,7 +1,18 @@ # VaultSecret Generator The VaultSecret generator will create a `VaultSecret` for every secret specified in the `secrets`-hash. It's based on the [vault-secret-operator](https://github.com/ricoberger/vault-secrets-operator). -## Values +## Parameters + +| Parameter | Type | Example | Description | +|-----------|--------|-------------|-------------| +| name | string | `"my-secret"` | Name of Secret to generate & in vault [requited] | +| keys | array[string] | `- password` | Array of keys that will be pulled from the vault-secret [required] | +| type | string | `Opaque` | Secret type in Kubernetes [default: `Opaque`] | +| fromApp | string | `myapp2` | Pulls secret from another app, e.g. `/heqet//`. This way sharing secrets between apps is easily possible | + + +## Examples +### Simple Here is an example for a simple secret: ``` yaml apps: @@ -20,7 +31,7 @@ This will result in following resource. Notice that the path inside of Vault is apiVersion: ricoberger.de/v1alpha1 kind: VaultSecret metadata: - name: vpn-config + name: my-secret namespace: "myapp" labels: app: myapp @@ -34,3 +45,26 @@ spec: type: Opaque ``` +### Sharing Secrets between Apps + +Secrets can also be shared & pulled from other apps, by using the `fromApp` parameter: + +``` yaml +apps: + - name: myapp + secrets: + - name: my-secret + keys: + - username + - password + - shared-key + # default: + type: Opaque + + - name: myapp2 + secrets: + - name: my-secret + fromApp: myapp + keys: + - shared-key +``` diff --git a/docs/index.md b/docs/index.md index 66332db..3570aac 100644 --- a/docs/index.md +++ b/docs/index.md @@ -12,6 +12,10 @@ Heqet is my attempt to make Kubernetes GitOps Deployments as easy as possible. I **This project is still in a very early stage of development, but feel free to try it out & contribute!** +## Overview + +![Heqet Overview](assets/heqet-overview.jpg) + ## Components & Configuration Core component is `ArgoCD` which will deploy Heqet & also your apps! All you need is a git-repo & k8s cluster. @@ -23,6 +27,7 @@ If more configuration values are required, simply throw your applications `value ## Installation Installing heqet can't be simpler, after configuring your apps, argocd and pushing it to your git repo: + 1. Configure `manifests/heqet-apps.yaml` to match your Setup 2. `kubectl apply -f manifests/argocd.yaml` 3. `kubectl apply -f manifests/heqet-apps.yaml` diff --git a/docs/k3s.md b/docs/k3s.md index 826fbbe..cf7318f 100644 --- a/docs/k3s.md +++ b/docs/k3s.md @@ -3,7 +3,7 @@ ## Bootstrap K3s See: [K3s Install Options](https://rancher.com/docs/k3s/latest/en/installation/install-options/) -Or simply run: +Or if you are feeling lucky: ``` shellsession curl -sfL https://get.k3s.io | sh - ``` @@ -69,7 +69,7 @@ spec: readOnlyRootFilesystem: true ``` -The Password should be `admin`. +The password in this example is `argocd`. ## Bootstrap Heqet @@ -108,4 +108,8 @@ spec: ## Profit! -Now K3s should be setup. ArgoCD should be deployed by K3s-Helm-Operator. The Heqet-Application will bootstrap ArgoCD & hand over the control of all Application configuration to ArgoCD. +Now K3s should be setup: + + - ArgoCD should be deployed by K3s-Helm-Operator + - The Heqet-Application will bootstrap ArgoCD + - ArgoCD will take control of all Application configuration in heqet