1 package constants 2 3 // Defines the names of the platform secrets required to get Edge up 4 // and running. These values correspond to the expected secret name in 5 // GCP SecretManager, but the values could be used anywhere secrets are stored. 6 const ( 7 // DataSynPubSubSAKey is the secret with the SA key for data sync to publish message to public topic 8 DataSynPubSubSAKey = "data-sync-connector-key" 9 // ChariotGitHubAppID is the App ID that GH generates when setting up the Chariot GitHub App 10 ChariotGitHubAppID = "chariot-gh-app-id" 11 // ChariotGitHubAppKey is the private key that GH generates when setting up the Chariot GitHub App 12 ChariotGitHubAppKey = "chariot-gh-app-private-key" 13 // DockerPullCfg is the pull creds for the NCR image repo(s) 14 DockerPullCfg = "platform-docker-pull-cfg" 15 // EdgeAPIOAauth2ClientID is the name fo the secret containing the IAP OAuth2 16 // Client ID used to auth to the Edge API. 17 EdgeAPIOAuth2ClientID = "edge-api-iap-oauth2-client-id" 18 // HelmRead is the username used for reading from the NCR Helm repo 19 HelmRead = "platform-helm-read" 20 // LaunchDarklySecretKey is the sdk key for edge launch darkly config 21 LaunchDarklySecretKey = "edge-backend-launch-darkly-sdk-key" //nolint 22 // EdgeTotpSecretKey is a totp secret key using to validate totp token 23 EdgeTotpSecretKey = "edge-backend-totp-secret" 24 // DefaultOwnerFilter is the default filter for when an owner is not passed in to secretManagerSecrets api 25 DefaultOwnerFilter = "tenant" 26 27 // not platform secret manager secret names 28 // TODO(alex): move these to a more appropriate place 29 30 //HelmRepositorySecretType is the constant for secrets that are type helm repository 31 HelmRepositorySecretType = "helm-repository" 32 //HelmURL is the url field of the helm secret 33 HelmURL = "helmUrl" 34 //HelmRepoName is name of the helm repo this secret belongs to 35 HelmRepoName = "helm_repo_name" 36 //HelmPassword is the helm password field 37 HelmPassword = "password" 38 //HelmUsername is the helm username field 39 HelmUsername = "username" 40 // BffAuth auth info needed for bsp and jwt token 41 BffAuth = "bff-auth" 42 //EdgeSecretTypeLabel is the label key for edge secret types 43 EdgeSecretTypeLabel = "secret-type-edge-ncr-com" 44 //EdgeWorkloadTypeLabel is the label key for edge workload types 45 EdgeWorkloadTypeLabel = "workload-edge-ncr-com" 46 //PlatformWorkloadType is the label value for edge platform workloads 47 PlatformWorkloadType = "platform" 48 KubeSystemNamespace = "kube-system" 49 ) 50 51 // PlatformSecretIDs contains the names of secrets assumed to exist in the top-level Foreman GCP Project's 52 // Secret Manager. The values of these secrets will be replicated from the Foreman Secret Manager to 53 // all banner/tenant projects upon creation 54 var PlatformSecretIDs = []string{ 55 HelmRead, 56 LaunchDarklySecretKey, 57 EdgeTotpSecretKey, 58 } 59 60 var PlatformHelmRepositories = map[string]bool{ 61 NCRCharts: true, 62 } 63