chore: move all secrets to a single namespace and consolidate dups

2025-09-21 17:52:31 +05:00
parent 109c94832a
commit 9dea58bda6
2 changed files with 14 additions and 41 deletions
--- a/1password/index.ts
+++ b/1password/index.ts
@@ -5,13 +5,14 @@ import { KubernetesProvider } from "@cdktf/provider-kubernetes/lib/provider";

 type OnePasswordSecret = {
  id?: string;
+  namespace?: string;
  name: string;
-  namespace: string;
  itemPath: string;
 };

 type OnePasswordOptions = {
  provider: KubernetesProvider;
+  namespace: string;
 };

 export class OnePassword extends Construct {
@@ -32,7 +33,7 @@ export class OnePassword extends Construct {
          kind: "OnePasswordItem",
          metadata: {
            name: secret.name,
-            namespace: secret.namespace,
+            namespace: secret.namespace ?? options.namespace,
            annotations: {
              "operator.1password.io/auto-restart": "true",
            },
--- a/1password/secrets.json
+++ b/1password/secrets.json
@@ -1,78 +1,50 @@
 [
  {
    "name": "gitea-admin",
-    "namespace": "gitea-system",
    "itemPath": "vaults/Lab/items/gitea-admin"
  },
-  {
-    "name": "gitea-postgres",
-    "namespace": "gitea-system",
-    "itemPath": "vaults/Lab/items/gitea-postgres"
-  },
  {
    "name": "pihole-admin",
-    "namespace": "pihole-system",
    "itemPath": "vaults/Lab/items/pihole"
  },
  {
    "name": "postgres-password",
-    "namespace": "postgres-system",
    "itemPath": "vaults/Lab/items/Postgres"
  },
  {
    "name": "runner-secret",
-    "namespace": "gitea-system",
    "itemPath": "vaults/Lab/items/Gitea"
  },
  {
    "name": "cloudflare-token",
-    "namespace": "cert-manager",
-    "itemPath": "vaults/Lab/items/Cloudflare"
+    "itemPath": "vaults/Lab/items/cloudflare"
  },
  {
-    "name": "cloudflare-token",
-    "id": "cloudflare-ddns-api-token",
-    "namespace": "cloudflare-system",
-    "itemPath": "vaults/Lab/items/Cloudflare"
-  },
-  {
-    "name": "authentik-postgres",
-    "namespace": "authentik-system",
-    "itemPath": "vaults/Lab/items/authentik-postgres"
-  },
-  {
-    "name": "redis",
-    "namespace": "redis-system",
-    "itemPath": "vaults/Lab/items/redis"
-  },
-  {
-    "name": "authentik-redis",
-    "namespace": "authentik-system",
-    "itemPath": "vaults/Lab/items/redis"
+    "name": "valkey",
+    "itemPath": "vaults/Lab/items/valkey"
  },
  {
    "name": "gitea-oauth",
-    "namespace": "gitea-system",
    "itemPath": "vaults/Lab/items/gitea-oauth"
  },
  {
    "name": "gitea-elasticsearch",
-    "namespace": "gitea-system",
    "itemPath": "vaults/Lab/items/gitea-elasticsearch"
  },
-  {
-    "name": "gitea-redis",
-    "namespace": "gitea-system",
-    "itemPath": "vaults/Lab/items/gitea-redis"
-  },
  {
    "name": "smtp-token",
-    "namespace": "gitea-system",
    "itemPath": "vaults/Lab/items/smtp-token"
  },
  {
    "name": "longhorn-encryption",
-    "namespace": "longhorn-system",
    "itemPath": "vaults/Lab/items/longhorn-encryption"
+  },
+  {
+    "name": "authentik-secret-key",
+    "itemPath": "vaults/Lab/items/authentik-secret-key"
+  },
+  {
+    "name": "curseforge",
+    "itemPath": "vaults/Lab/items/curseforge"
  }
 ]