Initial commit

vars/tenant-tpl/.sops.yaml

@@ -0,0 +1,24 @@
+---
+
+# This example uses YAML anchors which allows reuse of multiple keys 
+# without having to repeat yourself.
+# Also see https://github.com/Mic92/dotfiles/blob/master/nixos/.sops.yaml
+# for a more complex example.
+keys:
+  age:
+  - &tenant_age_key "@{AGE-PUBLIC-KEY}"
+creation_rules:
+  - path_regex: .+secret(\.sops)?\.ya?ml
+    input_type: yaml
+    encrypted_regex: ^(data|stringData)$
+    key_groups:
+      - age: &key_groups
+          - *tenant_age_key
+  - path_regex: .+secret(\.sops)?\.env
+    input_type: env
+    key_groups:
+      - age: *key_groups
+stores:
+  yaml:
+    indent: 2
+

vars/tenant-tpl/README.md

@@ -0,0 +1,11 @@
+# Settings and Secrets
+
+Add here settings that depend on the tenant name. This is needed when you
+include this git ${REPO_NAME} into multiple tenants. You need to ensure this
+folder is called the same way as the kvant tenant you got.
+
+You can add Config Maps and secrets to this folder. The secrets should be
+encripted using SOPS (see
+[WIKI](https://git.kvant.cloud/phoenix/tenant-tpl/wiki/Tenant--Wiki)). Please
+do not forget adding your own key to the [.sops.yaml](.sops.yaml) before
+encrypting your secrets if you want to be able to edit them afterwards.

vars/tenant-tpl/example.yaml

@@ -0,0 +1,7 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: example-vars
+data:
+  EXAMPLE: foo