Skip to content

Commit

Permalink
Add public-samples/trail-project-1-n75ia4/infrastructure/kubernetes/b…
Browse files Browse the repository at this point in the history 
…ackend/secrets.yaml
  • Loading branch information
@siddhantpp
siddhantpp committed Dec 30, 2024
1 parent 5064431 commit a540d84
Showing 1 changed file with 45 additions and 0 deletions.
45 changes: 45 additions & 0 deletions infrastructure/kubernetes/backend/secrets.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
# Kubernetes Secret resource for backend service configuration
# Version: v1.27+
# Purpose: Secure storage of sensitive configuration data with AES-256-GCM encryption at rest

apiVersion: v1
kind: Secret
metadata:
name: backend-secrets
namespace: task-management
labels:
app: task-management
component: backend
environment: production
annotations:
encryption.kubernetes.io/encryption-provider: aescbc # Enables etcd encryption
description: "Backend service sensitive configuration data"
lastUpdated: "2024-01-01"
type: Opaque
data:
# Database Credentials
# PostgreSQL connection configuration
DATABASE_HOST: cG9zdGdyZXMtcHJpbWFyeS50YXNrLW1hbmFnZW1lbnQuc3ZjLmNsdXN0ZXIubG9jYWw= # postgres-primary.task-management.svc.cluster.local
DATABASE_PORT: NTQzMg== # 5432
DATABASE_USER: dGFza19tYW5hZ2VtZW50X2FwcA== # task_management_app
DATABASE_PASSWORD: c3VwZXJfc2VjcmV0X3Bhc3N3b3JkXzEyMw== # super_secret_password_123
DATABASE_NAME: dGFza19tYW5hZ2VtZW50X3Byb2Q= # task_management_prod

# JWT Authentication Configuration
# Token signing and verification secrets
JWT_SECRET: and0X3N1cGVyX3NlY3JldF9rZXlfMTIzNDU2Nzg5MA== # jwt_super_secret_key_1234567890
JWT_EXPIRES_IN: MWg= # 1h
REFRESH_TOKEN_SECRET: cmVmcmVzaF90b2tlbl9zdXBlcl9zZWNyZXRfMTIzNDU2Nzg5MA== # refresh_token_super_secret_1234567890
REFRESH_TOKEN_EXPIRES_IN: N2Q= # 7d

# SSO Provider Configuration
# OAuth2.0 credentials for enterprise authentication
SSO_CLIENT_ID: c3NvX2NsaWVudF9pZF8xMjM0NTY3ODkw # sso_client_id_1234567890
SSO_CLIENT_SECRET: c3NvX2NsaWVudF9zZWNyZXRfMTIzNDU2Nzg5MA== # sso_client_secret_1234567890
SSO_CALLBACK_URL: aHR0cHM6Ly90YXNrLW1hbmFnZW1lbnQuZXhhbXBsZS5jb20vYXV0aC9jYWxsYmFjaw== # https://task-management.example.com/auth/callback

# Email Service Configuration
# SendGrid integration for notifications
SENDGRID_API_KEY: c2ctdGVzdF9hcGlfa2V5XzEyMzQ1Njc4OTA= # sg-test_api_key_1234567890
EMAIL_FROM: bm90aWZpY2F0aW9uc0B0YXNrLW1hbmFnZW1lbnQuZXhhbXBsZS5jb20= # [email protected]
EMAIL_FROM_NAME: VGFzayBNYW5hZ2VtZW50IFN5c3RlbQ== # Task Management System

0 comments on commit a540d84

Please sign in to comment.