Alexey Odinokov e2c56108ee Nextgen secrets implementation with separation per cluster
1. Extending templater with kyaml functions and creating combined catalogue
to be able to request/update the existing resources.
This is based on 'everything is transformer' concept introduced in kustomize 4.x
That includes gathering all secrets into 1 variable catalogue and
special mechanism to regenerate/merge with manual secrets.

2. Implementing 'catalogue per cluster' approach for secrets.

3. Rearranging secrets so it's possible to use:
pgp (each person may have his own key), age, Hachicorp Vault and etc
and the list of people who can decrypt documents is set in a special file.
Since in some cases there should be a separate list of people who can decrypt
data - this list is set for each cluster (ephemeral and target) separatelly.

Closes: #586
Change-Id: I038f84dd138d5ad4a35f4862c61ff2124c2fd530
2021-09-03 20:46:15 +00:00

83 lines
5.0 KiB
Plaintext

-----BEGIN PGP PRIVATE KEY BLOCK-----
lQVYBGDfWUMBDAD0nxvYUqZiUioXYFbQXDKhzVPLTo8mUY9YNZQzrcuspP3XKja1
B4v7PwMPeqkLS86n/lK9JOZh2AMe2fhKYdp+Rtoz+7ARVl9QzkQEjcILM88wJOTg
i/VwK/rCWKduns8NASSE8vZrFI4pvS1nrf5BNotArSCdHsuGhFvqk+BoId1Z7ykX
VC44CcR7ePEDVWnff0XRgiPxEMuHT9HlaFZig/aBZz2GUSuuu7n5dvQCKtZGiLPN
4KpCoXh4atgGSnAeuhVFYeonMdhQsrPFRHyT/ITutsEsu+sAklT9IcaUM6/LIjXc
hVOgePJWtwA1wqBNmKn6vriGiFaFHCun5BSQq08pty78yvL1AwqrIKPv1lPGXcn4
RlNNgG4F3G3qpxviwq3QVuYn08EWQh465Giin1EO53LeGLMajB1FIKNxyMgkV/n7
O1cJjoRbm0veboIJYFkRd7t7SjOStPxGiFrP1MvyQ1nkexETQoYd2hjLLJTjORWX
qXdLQFPSLcTQ0iEAEQEAAQAL/j1++FWQJZLnG/zHc9uqqfHiN/QO2k7kRxiCU7EQ
Onk6+zOJwboN3SN66k6MZA3ab2ftOCijq6UiVFp/qnsskWyYbEeQOOmK4KhkSlYo
uwTs7+OnCsDmfnvGGqKb/e+BzgRzapZfrBIsVzbn/4+mfpovV5+ZRm8pbDnzcVYN
+ebDyK1QwfBC8eGVlwcBVvmjEdwlV0x9noJ+WeQ47UfyTHE0wpYyeZWYN1aUjALK
ZDpdQYP23tjdZ4Abrrj7BzbBpGNI8Qk9E1eiuvGaqxoJI4suCCEgLSA96ksKa98f
01TUs5betS9Q65CH/ZnTsYDfNNRgxb7jX3Krm9QcyFydiwsvmUZiZhFGQkEd0vaC
ozkPqXAKXlsH1c27kW/fmCUFkXgZVtBhinQGPi//Ett8nxXZmbCOMZb5rJHrlSpc
YGR8VfWCPiNL6rYnQGMyg3TZbNHVXA4WymSO9kqISwvBat8qVv+NhMw/lCPGZzz3
YgomC5GctDX/Q1esP96NOLp9pwYA95/Ks7YaH2nisczsA6RI7a+7zt8vGrmv4Lkw
4f9fJXh1a8P7xrKAJ7fd8uK15fevSi/dcasvUWIoGqC3/+bn5V+78ujnRPHJedGK
9ZqG7DpHrtZ/2uc0bvS83z/H13v8dSqBGq8/h1ydeoL7Lb8uM8BxUp9DKEWHuwyb
waOyHGDKugj+Y8rsroMnAT8B7LNfy7A0dtw8MOs0dh9cxylen/tMcVp67VzKPTHZ
8PvtrjqzX/18D5WaAVzeBS7qKO4jBgD85VEFuXI3EBI0sSwlSMJZAvtnVCT2U6SX
PZbY6EyuWiN/yLGmySfGa9HB0rs4G/ZfaNv0Y6NXnK7/w5SjPlbeDHGg4+r5v6Pa
vJaJjJTVgmq9ZurQBu+b15H9ZXLr1oByOFQWec7UuaOvrZi2ru1HSrdlVPbcbO1d
xV1LftOgbdFN/qfZAnOJouaKbfYQNAq0TdeW62MlNrNS9YwK/YUF4qXEofrqF2Uf
WbmuFPLFXr7/8jUqw2D/1vWBNtWAaOsF/iD7XhEBiiZeXvh+b/1B2SDcBJLM+J+s
9sf+rIAoTuuBLQWzPRk0l1PLuaL07LpsV63zegM5PjL+cwRRUTOtI5t+YGF2yjh3
hKehEBtZU6Co8kMdevYk5DkHk4gQlLrL54PH9rAVUnsioBP+sxt7CPTydDax6jW6
h1aLEJkLdchF2h8AW1shevsQntrElciZ3hZencfEi9nzTpJG9a9gTle3DXrdVrR7
vWiM8lWkSkg0Zxh9+94At+Mim9VSQlmbhPfetDR0ZW5hbnQgKHRlc3Qga2V5IHRv
IHRlc3QgdGVuYW50KSA8dGVuYW50QHRlbmFudC5vcmc+iQHOBBMBCgA4FiEEncb7
vbOAHk4RRAFxOJWaVTIrxksFAmDfWUMCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgEC
F4AACgkQOJWaVTIrxksHggwArunUmr2YOSLR+E10ooXinjB8/p4Xbz7xLpFtSzKx
pkr3M8yD9QorlHzRj+hdUJi1dON3KMTCJK6LXkpy4pcHPMWeYkpPAZfkhWbkLpjZ
1yUOYVtl6Mn0YnUiZeHukP8yBB+Jz/aL2XGaZzi0xkkIQmdonD6hSeIE7korlRXt
/Kg40gkAbcdbcH9oAS5i4HuU56O2QvEkMl5gl+sIhljL0xhPMY6vQu6QLCz34Ko2
IFoN0Imjp64ZNqgtQhCWZ0cH2l4zQ2OxBCl+m7QHN2U6AHSmd/v1k1EGWyBeqyKd
73i26NFqKI6Zy7ddXIzQnBR5sHjKbaTLn4aD2ed4sKKtaGpOpT7SxQeXuLCJr7Yv
Z9drdqPoLQaVUBkWmSuD/XwGZ2vKSlo0lOrvPwwyswP5yt/k6xkjA9nfE2NeJbco
vO80oDT1OU9OnxzRbDOqYOx+Qk9jZnv4XgGr+b3JhOILF5ArBIJM6UuG5u2cHH5n
3crE54zLeM3TsV+lmWSY1ri8nQVYBGDfWUMBDAC22+ziDhB+HeOXRBEBsi/ETyMr
EEqKM+ZFFl/cxd12fsM2juu/4n4c9YVJSV25fZ4UMNuYNADLUtC1cDZLrcAQtVMU
1TFoeFtekCW2lXfVwh1yDto1dz65QLjkSwL6a7pETu7SmzAxJ6kB6iEjmMM19fYi
PcQ61l/PWwLwKAgXN3BCbv3mgCQUHh1LfXR+4mt6OXeCUGZfaMEOi8pZOuNqu2se
pGIKsqOQEfdUS6GnA0ZgXDebEDQ2CW04HDr3z9dmpEmSidKbNmgsj0Qn5gaQgm0s
c/XgPEB5jln/tiCHSAiruncA8Q6v26KabWkUS9F4jH/ins0zbavJD+PsuU3+fwQC
GlMdmfb23x+1NftJk3kzKB2BV0XG6Kh28qx3gm0UwcYqrYFBkbZlxWFJRMj7S1f+
AOBLN7IhZ0dPbaRkleZNgh8OwMURNhaXMB/vqcBPXVDXARwnh3jF++jV85UAw0p5
Yfyi8Te4gVDsUj2p7giYFNIQg4g3zE6HRIhhMtsAEQEAAQAL/RFGer0qhf1cNoWy
bQbjfibGMTTez6P53j3VrM3PNap9tFShsP0KWU7EFUkEsOGW0AnpSb253/9Vfhk+
FisVKamKb+RudcIAaOVoqd9zhIRB2AVQCOZ3MwpOZolO2uOsrMbKTD7CYY2rSQjA
xUu3IW4mJBA9FJ5YZWnSF9d3eLg0yRrFoKAXqBDsfWkF260nF+9OoY9CqEFIRMDq
jP3cFeMd/LNC5W5MTS6Nu/ePQ6DjKtFstOYl5EDcqCBebmW+EVsgsT08W/qysjJC
r9ZWq52w6ilAu4tQKodmItS2Hh94gjbbD5w4HFp5jpbIPUy1o3uUkBRcIiqbrFu9
pgXY/0n6ZrP7TZ40EuHgW1hPnf9i28jCoqKICRR7EOOsF/miPu/5ps4zMyZqF0+7
7J/dFQ0M27IJVWAiFL7Dg3wg38yGpxwa6UIUoasGn1Kvqju1udkyiV4Bj8cvi7VB
XX+LWiKvnC1+a29vP/wfjShc4w7aIITdA1uJvKOSPGyFTLQiuQYA0v8vuScVJOkP
IjYNeC5AjI5cCXau0ovckXrgzbcfbbXjwax0LNPx4gnJiZHsnGRZqnqUIVCsNpC6
y460EMT6F04y7K/3rcZykKb/+7KuBFN7uyQbBlMrMpIWNu+wA8h6+HPPXRNf4WNp
YmF9DQER5PIZsaqSuOkQ4E6KDsUkqQXnPJgR48tnQXy6cpg4EVISal+gMWtfPv8x
mWUm0meqRJVBiuW9E/tMl8QkoOb/en7VCc19db5Vb/xzUHHmofBJBgDd3F3jfbB/
WZH6H+cSWdB2Fy05nE55LruJ8VpGJ6e+zwpqnKOS+6jnn7uSR9Uo6cvQIq42mQxt
pMXZI8CiypURJmkUgWy4N4g0jTT4V1ueJuf2pOp4wW1bASdbsbZmnDbcizVDkJso
mbtQSS/uDFBQV29B5VNxtPK23OZdxbav3P/h4ZS5bJSMYOIypuBuZaw+aJxX+sHx
Q4sDHWTXlIfE+gFcXGn8iw96Jn4vly1owR16FEyUxWXU0hwjllFkUgMF/if5utC4
sJkkBw7TEqyOJP21T5jhpCzGGKKiOcgkqZYsJWO8Uqc3DvfzQnhitJ1CvZPcock5
DIzwgKvOVXe46tYuMiruAZLDnPObXqlyeMhTlydsfOZirkGLhmxM5yWcZyWW0fAV
TyvbRTpv3pjGa9yVzYnvGcj2RxMsLnWqGDtIusNpSGI6jzIE7xbyHHP8FzX8aK9L
ehdRjmG7wcWtdgafTWyytMGA+dhRAZbbTBtDWWoIXtri+UiuYT1X+97h3OBqiQG2
BBgBCgAgFiEEncb7vbOAHk4RRAFxOJWaVTIrxksFAmDfWUMCGwwACgkQOJWaVTIr
xksShAwA6H4uJvKV2TqbkOyAYY48MPwsTH+VbpzP8R9ksJ0Yuf1H/6cErurJPkNl
RkVduZmb+yv44zHHXbhs3WBAmaVOUByeWH83qeG89RgDkTAHAYFIkwR9kIQ45AZB
a1XxG8Z697nREiG+jRdy6QtA4l9seu/OaSmFBFFGPx9z7ELyqpJbPYoreh0yLvn3
NCTrc0i3OXFA3AqI/YbEAPu8tYo1r7q9Z0z1WI4yE46IFfvbIh0z6+VZG8dSAzBb
Q4H1NTlLEp7w6Rqq7krZqK/UIavl9t/ODYNsNJPNh/rQn6112gad9lfGrxSF0gOk
K1Z3LuY0rngERQemtPCmycyKHShL5ZVAZSRMHixZQWZveicX0J6+3tL/06Ryeklu
L/9VPfwZRiDy+EfCI0qdZHy91AvGJRn7R0bzo/jPUFpGmRIeotXQHS9iA9QdLPc6
d0xPkCSY26ttgavcoh7CIPasfQBYVa8AxdonqMK3lQvGgujZrTBY51wsso9ogSZU
Pc7ofoVT
=ELqz
-----END PGP PRIVATE KEY BLOCK-----