From a540d8470f822e729b1d3dbd82004f399cece3fa Mon Sep 17 00:00:00 2001
From: "Siddhant P. Pardeshi" <siddhantpp@gmail.com>
Date: Mon, 30 Dec 2024 17:33:52 -0500
Subject: [PATCH] Add
 public-samples/trail-project-1-n75ia4/infrastructure/kubernetes/backend/secrets.yaml

---
 .../kubernetes/backend/secrets.yaml           | 45 +++++++++++++++++++
 1 file changed, 45 insertions(+)
 create mode 100644 infrastructure/kubernetes/backend/secrets.yaml

diff --git a/infrastructure/kubernetes/backend/secrets.yaml b/infrastructure/kubernetes/backend/secrets.yaml
new file mode 100644
index 0000000..02c3855
--- /dev/null
+++ b/infrastructure/kubernetes/backend/secrets.yaml
@@ -0,0 +1,45 @@
+# Kubernetes Secret resource for backend service configuration
+# Version: v1.27+
+# Purpose: Secure storage of sensitive configuration data with AES-256-GCM encryption at rest
+
+apiVersion: v1
+kind: Secret
+metadata:
+  name: backend-secrets
+  namespace: task-management
+  labels:
+    app: task-management
+    component: backend
+    environment: production
+  annotations:
+    encryption.kubernetes.io/encryption-provider: aescbc # Enables etcd encryption
+    description: "Backend service sensitive configuration data"
+    lastUpdated: "2024-01-01"
+type: Opaque
+data:
+  # Database Credentials
+  # PostgreSQL connection configuration
+  DATABASE_HOST: cG9zdGdyZXMtcHJpbWFyeS50YXNrLW1hbmFnZW1lbnQuc3ZjLmNsdXN0ZXIubG9jYWw= # postgres-primary.task-management.svc.cluster.local
+  DATABASE_PORT: NTQzMg== # 5432
+  DATABASE_USER: dGFza19tYW5hZ2VtZW50X2FwcA== # task_management_app
+  DATABASE_PASSWORD: c3VwZXJfc2VjcmV0X3Bhc3N3b3JkXzEyMw== # super_secret_password_123
+  DATABASE_NAME: dGFza19tYW5hZ2VtZW50X3Byb2Q= # task_management_prod
+
+  # JWT Authentication Configuration
+  # Token signing and verification secrets
+  JWT_SECRET: and0X3N1cGVyX3NlY3JldF9rZXlfMTIzNDU2Nzg5MA== # jwt_super_secret_key_1234567890
+  JWT_EXPIRES_IN: MWg= # 1h
+  REFRESH_TOKEN_SECRET: cmVmcmVzaF90b2tlbl9zdXBlcl9zZWNyZXRfMTIzNDU2Nzg5MA== # refresh_token_super_secret_1234567890
+  REFRESH_TOKEN_EXPIRES_IN: N2Q= # 7d
+
+  # SSO Provider Configuration
+  # OAuth2.0 credentials for enterprise authentication
+  SSO_CLIENT_ID: c3NvX2NsaWVudF9pZF8xMjM0NTY3ODkw # sso_client_id_1234567890
+  SSO_CLIENT_SECRET: c3NvX2NsaWVudF9zZWNyZXRfMTIzNDU2Nzg5MA== # sso_client_secret_1234567890
+  SSO_CALLBACK_URL: aHR0cHM6Ly90YXNrLW1hbmFnZW1lbnQuZXhhbXBsZS5jb20vYXV0aC9jYWxsYmFjaw== # https://task-management.example.com/auth/callback
+
+  # Email Service Configuration
+  # SendGrid integration for notifications
+  SENDGRID_API_KEY: c2ctdGVzdF9hcGlfa2V5XzEyMzQ1Njc4OTA= # sg-test_api_key_1234567890
+  EMAIL_FROM: bm90aWZpY2F0aW9uc0B0YXNrLW1hbmFnZW1lbnQuZXhhbXBsZS5jb20= # notifications@task-management.example.com
+  EMAIL_FROM_NAME: VGFzayBNYW5hZ2VtZW50IFN5c3RlbQ== # Task Management System
\ No newline at end of file