From 33470c46bcdfbf53aad622a1d4ec104086069b46 Mon Sep 17 00:00:00 2001
From: Joseph Hanson <joe@veri.dev>
Date: Tue, 15 Aug 2023 15:51:30 +0000
Subject: [PATCH] Sops.

---
 kubernetes/apps/database/cloudnative-pg/ks.yaml |  8 --------
 kubernetes/flux/cluster-apps.yaml               | 13 ++++++++++++-
 2 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/kubernetes/apps/database/cloudnative-pg/ks.yaml b/kubernetes/apps/database/cloudnative-pg/ks.yaml
index 44fe443..5955b7f 100644
--- a/kubernetes/apps/database/cloudnative-pg/ks.yaml
+++ b/kubernetes/apps/database/cloudnative-pg/ks.yaml
@@ -33,11 +33,3 @@ spec:
   interval: 30m
   retryInterval: 1m
   timeout: 5m
-  decryption:
-    provider: sops
-    secretRef:
-      name: sops-age
-  postBuild:
-    substituteFrom:
-      - kind: Secret
-        name: cluster-secrets
diff --git a/kubernetes/flux/cluster-apps.yaml b/kubernetes/flux/cluster-apps.yaml
index 2ca16c6..97bd960 100644
--- a/kubernetes/flux/cluster-apps.yaml
+++ b/kubernetes/flux/cluster-apps.yaml
@@ -11,22 +11,33 @@ spec:
   sourceRef:
     kind: GitRepository
     name: valinor
+  decryption:
+    provider: sops
+    secretRef:
+      name: sops-age
   postBuild:
     substituteFrom:
       - kind: ConfigMap
         name: cluster-settings
+      - kind: Secret
+        name: cluster-secrets
   patches:
     - patch: |-
         apiVersion: kustomize.toolkit.fluxcd.io/v1
         kind: Kustomization
         metadata:
           name: not-used
-          namespace: not-used
         spec:
+          decryption:
+            provider: sops
+            secretRef:
+              name: sops-age
           postBuild:
             substituteFrom:
               - kind: ConfigMap
                 name: cluster-settings
+              - kind: Secret
+                name: cluster-secrets
       target:
         group: kustomize.toolkit.fluxcd.io
         kind: Kustomization