rename variables to show the purpose (#812)

Signed-off-by: Johannes Kleinlercher <[email protected]>

.devcontainer/delivery/devcontainer.json

@@ -20,10 +20,10 @@
 	},
 
 	"secrets": {
-		"KUBRIX_GITHUB_CLIENTSECRET": { },
-		"KUBRIX_GITHUB_CLIENTID": { },
-		"KUBRIX_GITHUB_TOKEN": { },
-		"KUBRIX_GITHUB_APPSET_TOKEN": { }
+		"KUBRIX_BACKSTAGE_GITHUB_CLIENTSECRET": { },
+		"KUBRIX_BACKSTAGE_GITHUB_CLIENTID": { },
+		"KUBRIX_BACKSTAGE_GITHUB_TOKEN": { },
+		"KUBRIX_ARGOCD_APPSET_TOKEN": { }
 	},
 
 	"postCreateCommand": "sudo cp .devcontainer/delivery/welcome.txt /usr/local/etc/vscode-dev-containers/first-run-notice.txt",

.github/workflows/cluster-test.yml

@@ -59,10 +59,10 @@ jobs:
       - name: install kubriX stack
         env:
           KUBRIX_TARGET_TYPE: ${{ matrix.target-type }}
-          KUBRIX_GITHUB_CLIENTSECRET: "dummy"
-          KUBRIX_GITHUB_CLIENTID: "dummy"
-          KUBRIX_GITHUB_TOKEN: "dummy"
-          KUBRIX_GITHUB_APPSET_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          KUBRIX_BACKSTAGE_GITHUB_CLIENTSECRET: "dummy"
+          KUBRIX_BACKSTAGE_GITHUB_CLIENTID: "dummy"
+          KUBRIX_BACKSTAGE_GITHUB_TOKEN: "dummy"
+          KUBRIX_ARGOCD_APPSET_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           KUBRIX_REPO_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
           KUBRIX_REPO_USERNAME: "dummy"
           KUBRIX_INSTALL_DEBUG: "false"

install-platform.sh

@@ -263,7 +263,7 @@ kubectl apply -f platform-apps/charts/argocd/manual-secret/argocd-secret.yaml
 if [[ $( echo $argocd_apps | grep sx-kargo ) ]] ; then
   echo "adding special configuration for sx-kargo"
   export VAULT_HOSTNAME=$(kubectl get ingress -o jsonpath='{.items[*].spec.rules[*].host}' -n vault)
-  curl -k --header "X-Vault-Token:$(kubectl get secret -n vault vault-init -o=jsonpath='{.data.root_token}'  | base64 -d)" --request POST --data "{\"data\": {\"GITHUB_APPSET_PAT\": \"$VAULT_TOKEN\", \"GITHUB_TOKEN\": \"${KUBRIX_REPO_PASSWORD}\", \"GITHUB_USERNAME\": \"${KUBRIX_REPO_USERNAME}\"}}" https://${VAULT_HOSTNAME}/v1/sx-cnp-oss-kv/data/demo/delivery
+  curl -k --header "X-Vault-Token:$(kubectl get secret -n vault vault-init -o=jsonpath='{.data.root_token}'  | base64 -d)" --request POST --data "{\"data\": {\"GITHUB_APPSET_PAT\": \"${KUBRIX_ARGOCD_APPSET_TOKEN}\", \"GITHUB_TOKEN\": \"${KUBRIX_KARGO_GIT_PASSWORD}\", \"GITHUB_USERNAME\": \"${KUBRIX_KARGO_GIT_USERNAME}\"}}" https://${VAULT_HOSTNAME}/v1/sx-cnp-oss-kv/data/demo/delivery
   sleep 10
   kubectl delete ExternalSecret github-creds -n kargo
   # check if kargo is synced and healthy for 5 minutes
@@ -301,10 +301,10 @@ if [[ $( echo $argocd_apps | grep sx-backstage ) ]] ; then
 
   if [ ${KEYCLOAK_CODESPACES} ]; then
     kubectl create secret generic -n backstage manual-secret \
-      --from-literal=GITHUB_CLIENTSECRET=${KUBRIX_GITHUB_CLIENTSECRET} \
-      --from-literal=GITHUB_CLIENTID=${KUBRIX_GITHUB_CLIENTID} \
+      --from-literal=GITHUB_CLIENTSECRET=${KUBRIX_BACKSTAGE_GITHUB_CLIENTSECRET} \
+      --from-literal=GITHUB_CLIENTID=${KUBRIX_BACKSTAGE_GITHUB_CLIENTID} \
       --from-literal=GITHUB_ORG=${GITHUB_ORG} \
-      --from-literal=GITHUB_TOKEN=${KUBRIX_GITHUB_TOKEN} \
+      --from-literal=GITHUB_TOKEN=${KUBRIX_BACKSTAGE_GITHUB_TOKEN} \
       --from-literal=K8S_SA_TOKEN=${K8S_SA_TOKEN} \
       --from-literal=ARGOCD_AUTH_TOKEN=${ARGOCD_AUTH_TOKEN} \
       --from-literal=GRAFANA_TOKEN=${GRAFANA_TOKEN} \
@@ -322,10 +322,10 @@ if [[ $( echo $argocd_apps | grep sx-backstage ) ]] ; then
 
   elif [ ${GITHUB_CODESPACES} ]; then
     kubectl create secret generic -n backstage manual-secret \
-    --from-literal=GITHUB_CLIENTSECRET=${KUBRIX_GITHUB_CLIENTSECRET} \
-    --from-literal=GITHUB_CLIENTID=${KUBRIX_GITHUB_CLIENTID} \
+    --from-literal=GITHUB_CLIENTSECRET=${KUBRIX_BACKSTAGE_GITHUB_CLIENTSECRET} \
+    --from-literal=GITHUB_CLIENTID=${KUBRIX_BACKSTAGE_GITHUB_CLIENTID} \
     --from-literal=GITHUB_ORG=${GITHUB_ORG} \
-    --from-literal=GITHUB_TOKEN=${KUBRIX_GITHUB_TOKEN} \
+    --from-literal=GITHUB_TOKEN=${KUBRIX_BACKSTAGE_GITHUB_TOKEN} \
     --from-literal=K8S_SA_TOKEN=${K8S_SA_TOKEN} \
     --from-literal=ARGOCD_AUTH_TOKEN=${ARGOCD_AUTH_TOKEN} \
     --from-literal=GRAFANA_TOKEN=${GRAFANA_TOKEN} \
@@ -336,10 +336,10 @@ if [[ $( echo $argocd_apps | grep sx-backstage ) ]] ; then
 
   else
     kubectl create secret generic -n backstage manual-secret \
-    --from-literal=GITHUB_CLIENTSECRET=${KUBRIX_GITHUB_CLIENTSECRET} \
-    --from-literal=GITHUB_CLIENTID=${KUBRIX_GITHUB_CLIENTID} \
+    --from-literal=GITHUB_CLIENTSECRET=${KUBRIX_BACKSTAGE_GITHUB_CLIENTSECRET} \
+    --from-literal=GITHUB_CLIENTID=${KUBRIX_BACKSTAGE_GITHUB_CLIENTID} \
     --from-literal=GITHUB_ORG=${GITHUB_ORG} \
-    --from-literal=GITHUB_TOKEN=${KUBRIX_GITHUB_TOKEN} \
+    --from-literal=GITHUB_TOKEN=${KUBRIX_BACKSTAGE_GITHUB_TOKEN} \
     --from-literal=K8S_SA_TOKEN=${K8S_SA_TOKEN} \
     --from-literal=ARGOCD_AUTH_TOKEN=${ARGOCD_AUTH_TOKEN} \
     --from-literal=GRAFANA_TOKEN=${GRAFANA_TOKEN}

kubrix-local-installation.md

@@ -41,12 +41,15 @@ For the installation some variables are needed:
 
 ```
 # Github clientsecret and clientid from GitHub OAuth App for Backstage
-export KUBRIX_GITHUB_CLIENTSECRET=<value from steps above>
-export KUBRIX_GITHUB_CLIENTID=<value from steps above>
+export KUBRIX_BACKSTAGE_GITHUB_CLIENTSECRET=<value from steps above>
+export KUBRIX_BACKSTAGE_GITHUB_CLIENTID=<value from steps above>
 # Github token Backstage uses to get the catalog yaml form github
-export KUBRIX_GITHUB_TOKEN=<your personal access token>
+export KUBRIX_BACKSTAGE_GITHUB_TOKEN=<your personal access token>
 # Github token ArgoCD uses for the SCM Provider
-export KUBRIX_GITHUB_APPSET_TOKEN=<github-pat-for-argocd-appsets-only-read-permissions-needed>
+export KUBRIX_ARGOCD_APPSET_TOKEN=<github-pat-for-argocd-appsets-only-read-permissions-needed>
+# Kargo Git Promotion credentials
+export KUBRIX_KARGO_GIT_USERNAME=<username-for-kargo-git-promotion>
+export KUBRIX_KARGO_GIT_PASSWORD=<username-for-kargo-git-promotion>
 # set the current repository to the origin or to your fork
 export KUBRIX_REPO=https://github.com/suxess-it/kubriX.git
 # if you want to test another branch, specify something else than main

kubrix-playground-github-codespaces.md

@@ -28,10 +28,10 @@ You can start a GitHub Codespaces with the button below or this [link](https://g
 - Branch: main branch (or a feature branch if you want to test some special features)
 - Dev container configuration: you can select which platform stack (brick) should get installed
 - Recommended Secrets:
-  - KUBRIX_GITHUB_CLIENTID: "Client ID" of your OAuth App in the variable
-  - KUBRIX_GITHUB_CLIENTSECRET: "Client secret" of your OAuth App in the variable
-  - KUBRIX_GITHUB_TOKEN: a Personal Access Token for Github to read files from the origin repo
-  - KUBRIX_GITHUB_APPSET_TOKEN: a Personal Access Token for Github to read repositories in your organization (for ArgoCD AppSet SCM Generator)
+  - KUBRIX_BACKSTAGE_GITHUB_CLIENTID: "Client ID" of your OAuth App in the variable
+  - KUBRIX_BACKSTAGE_GITHUB_CLIENTSECRET: "Client secret" of your OAuth App in the variable
+  - KUBRIX_BACKSTAGE_GITHUB_TOKEN: a Personal Access Token for Github to read files from the origin repo
+  - KUBRIX_ARGOCD_APPSET_TOKEN: a Personal Access Token for Github to read repositories in your organization (for ArgoCD AppSet SCM Generator)
 
 [![Open in GitHub Codespaces](https://github.com/codespaces/badge.svg)](https://codespaces.new/)