diff options
Diffstat (limited to 'f3s')
| -rw-r--r-- | f3s/argocd/git-server-known-hosts.yaml | 19 | ||||
| -rw-r--r-- | f3s/argocd/git-server-repo-creds.yaml | 22 |
2 files changed, 41 insertions, 0 deletions
diff --git a/f3s/argocd/git-server-known-hosts.yaml b/f3s/argocd/git-server-known-hosts.yaml new file mode 100644 index 0000000..1b3b8ce --- /dev/null +++ b/f3s/argocd/git-server-known-hosts.yaml @@ -0,0 +1,19 @@ +# ArgoCD SSH known_hosts configuration for git-server +# This ConfigMap adds the git-server SSH host keys to ArgoCD's known_hosts +# so that ArgoCD can verify the server's identity when cloning repositories +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-ssh-known-hosts-cm + namespace: cicd + labels: + app.kubernetes.io/name: argocd-cm + app.kubernetes.io/part-of: argocd +data: + ssh_known_hosts: | + # git-server.cicd.svc.cluster.local SSH host keys (ed25519 and rsa only) + git-server.cicd.svc.cluster.local ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINqfstttRe6qVZWB+JCTD7BogfHqxfyyhJ5VqOR2asYq + git-server.cicd.svc.cluster.local ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDZgI8CnekdB12qxZQXftz6qa18NJWz2bjtwd5H6UShTCao71ovvGMVkCQsKXv+PwW9ONHnmtO8EwCEPxhfGW7g7RpZu/mmzKTdEI9FUZTY+TapwLOJwYMRh423wOAn2jcSsVe2iGQbDXiRuNHTPZSXB3fOqsdoL11hCL36QoplfKwMGbIQRvE2KgPZXDZshNWJGJ6VF+rPy/Uyrg7w+hOg5Mjv1F0RxMrcKEyEOHDoJBSH/iruE2K4Ip+FiKOkaILq+Tp6KG8U/Pc/wv9XMQkbUT7l4jEbE4vnBpOztQDPS/bk6LoRBN64CvAyZDy1XL7mpjhqQNNNQZOPQ8Esm6cGk7johsWdlN0GHoPk8wDMIBHK4OebmBafuD9YzrnHcy0asnRKTSq6WcVfEgRpsH1kZRpqYk5PwjUxyZgInb/jvcHTwr/zP9nR0fMHbFCq/Q4A5/FpvgJUcIOqdXaeue0Y2jnT8nrBzKf1FU6u3caciCEZraKBgFCds04OUOZd/4U= + + # Codeberg.org SSH host keys + codeberg.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIVIC02vnjFyL+I4RHfvIGNtOgJMe769VTF1VR4EB3ZB diff --git a/f3s/argocd/git-server-repo-creds.yaml b/f3s/argocd/git-server-repo-creds.yaml new file mode 100644 index 0000000..54207bc --- /dev/null +++ b/f3s/argocd/git-server-repo-creds.yaml @@ -0,0 +1,22 @@ +# ArgoCD Repository Credential for self-hosted git-server +# This secret tells ArgoCD how to authenticate to the git-server via SSH +apiVersion: v1 +kind: Secret +metadata: + name: git-server-repo-creds + namespace: cicd + labels: + argocd.argoproj.io/secret-type: repository +type: Opaque +stringData: + type: git + url: ssh://git@git-server.cicd.svc.cluster.local + insecure: "true" + sshPrivateKey: | + -----BEGIN OPENSSH PRIVATE KEY----- + b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW + QyNTUxOQAAACAIRE5bIG/4OUmjDzSVif7eLitZ+GW5PksuiMlBJfhHGAAAAJgGCa9qBgmv + agAAAAtzc2gtZWQyNTUxOQAAACAIRE5bIG/4OUmjDzSVif7eLitZ+GW5PksuiMlBJfhHGA + AAAEAbwYhRydHh8HlKI35Takf/1qCSvZmdJBzbngvz5Zv1bwhETlsgb/g5SaMPNJWJ/t4u + K1n4Zbk+Sy6IyUEl+EcYAAAAEmFyZ29jZEBmM3MuY2x1c3RlcgECAw== + -----END OPENSSH PRIVATE KEY----- |