Add gitleaks precommit hook
This commit is contained in:
parent
c240e17131
commit
1460f20c92
2 changed files with 20 additions and 1 deletions
|
@ -3,3 +3,7 @@ repos:
|
|||
rev: v2.1.0
|
||||
hooks:
|
||||
- id: forbid-secrets
|
||||
- repo: https://github.com/zricethezav/gitleaks
|
||||
rev: v8.2.7
|
||||
hooks:
|
||||
- id: gitleaks
|
||||
|
|
17
readme.md
17
readme.md
|
@ -61,4 +61,19 @@ ansible-playbook -i inventory/hosts.yml ./nuke-k3s-cluster
|
|||
|
||||
## Setting up Flux
|
||||
|
||||
-
|
||||
- Install the `flux` CLI on a machine that can `kubectl` into the shiny, new cluster
|
||||
- `paru -S flux-bin`
|
||||
- or `curl -s https://fluxcd.io/install.sh | sudo bash`
|
||||
- https://fluxcd.io/docs/installation/
|
||||
- Run the pre-flight check (you must have `~/.kube/config` setup!)
|
||||
- `flux check --pre`
|
||||
- Create the `flux-system` namespace
|
||||
- `kubectl create namespace flux-system --dry-run=client -o yaml | kubectl apply -f -`
|
||||
- Add the `sops-age` encryption key to the namespace
|
||||
```bash
|
||||
pass home-k8s-cluster | grep age-secret-key | aws '{printf $2}' | \
|
||||
kubectl --namespace flux-system create secret generic sops-age \
|
||||
--from-file=age.agekey=/dev/stdin
|
||||
```
|
||||
- Install Flux
|
||||
- `kubectl apply --kustomize=
|
||||
|
|
Loading…
Reference in a new issue