public
/
stack
5
0
Fork 0
Code Issues 4 Pull Requests 3 Packages Projects Releases Wiki Activity

Upgrade k8s CLIs, make alias functions the decrypt secerts on the fly

This commit is contained in:
Danny Grove 2025-07-14 23:21:11 -07:00
parent 6c19aed9aa
commit 3175f2c96d
Signed by: danny
GPG Key ID: E1F4160251DB4C2E
2 changed files with 20 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.bashrc Normal file
View File

@ -0,0 +1,3 @@
alias k9s='sops exec-file --no-fifo ~/stack/secrets/production.kubeconfig "KUBECONFIG={} /usr/bin/k9s"'
alias kubectl='function _kubectl(){ sops exec-file --no-fifo ~/stack/secrets/production.kubeconfig "KUBECONFIG={} /usr/bin/kubectl $@"; };_kubectl'
alias talosctl='function _talosctl(){ sops exec-file --no-fifo ~/stack/secrets/production.talosconfig "TALOSCONFIG={} /usr/bin/talosctl $@"; };_talosctl'

27
Containerfile.tools
View File

@ -13,13 +13,15 @@ FROM stagex/user-libgcrypt@sha256:384f0e703afad6f8885ec77fb814ef182a08600a203218
FROM stagex/user-opentofu@sha256:b5053a5966f7ec06ea894db315c4990b73e8bee69798889de747e9a99c32b041 AS user-opentofu
FROM stagex/user-sops@sha256:72b09ff439f422889af815f19a223b48b3b3fd0701d312a413069cbabcad7a12 AS user-sops
FROM stagex/user-talosctl@sha256:23ff2d686a0c251db4f8a8f07e9b18c81c64eaa07da97de5a75fccbea3e595c4 AS user-talosctl
FROM stagex/user-kubectl@sha256:6df028ecb71097c182276cad295f7a68a28f2c8d7fc82ea47fb22a451b11a4ff AS user-kubectl
FROM stagex/user-kustomize@sha256:9886d6c855f763398a8bf52cd16e07f78cb8dab75396903645612e9cd4094cfa AS user-kustomize
FROM stagex/user-kustomize-sops@sha256:25040e0adf7dc6806da9996a252dbf7f8f5bb4f0b9a9dd1835035eeaea3861d9 AS user-kustomize-sops
FROM drgrove/kubectl:1.33.2 AS user-kubectl
FROM drgrove/kustomize:5.7.0 AS user-kustomize
FROM drgrove/kustomize-sops:4.3.3 AS user-kustomize-sops
FROM stagex/user-helm@sha256:e7d2e13db8483f5356b96337308edbd5a0e602cc76c4c5ea5ed730ae6d2b2dcc AS user-helm
FROM stagex/user-k9s@sha256:eff325c4d000358b2f6ed0f63d61fcea8f98c081395437d0003e7429e0c334b4 AS user-k9s
FROM drgrove/k9s:0.50.7 AS user-k9s
FROM stagex/core-bash@sha256:a4601014df6ed004e0a81f65159b7f9dbdaec73db679ddef338b58ac4b85f0da AS core-bash
FROM scratch
FROM stagex/core-filesystem
COPY --from=core-bash . /
COPY --from=core-busybox . /
COPY --from=core-musl . /
COPY --from=core-ca-certificates . /
@ -35,11 +37,16 @@ COPY --from=user-sops . /
COPY --from=user-talosctl . /
COPY --from=user-kubectl . /
COPY --from=user-kustomize . /
COPY --from=user-kustomize-sops . /
COPY --from=user-kustomize-sops . /
COPY --from=user-sops . /
COPY --from=user-helm . /
COPY --from=user-k9s . /
RUN mkdir -p /root/.gnupg
RUN chmod 0700 /root/.gnupg
USER 0
RUN \
mkdir -p /run/user/1000/ \
&& chown 1000:1000 -R /run/user/1000/ \
&& chown 1000:1000 -R /home/user/
USER 1000
ENV PS1="[stack] $ "
ENV KUSTOMIZE_PLUGIN_HOME=/usr/lib/kustomize/plugins/
WORKDIR /home/user/