diff --git a/test/e2e/testing-manifests/auth/encrypt/OWNERS b/test/e2e/testing-manifests/auth/encrypt/OWNERS new file mode 100644 index 00000000000..d2ea8ec60ca --- /dev/null +++ b/test/e2e/testing-manifests/auth/encrypt/OWNERS @@ -0,0 +1,8 @@ +# See the OWNERS docs at https://go.k8s.io/owners + +approvers: + - sig-auth-encryption-at-rest-approvers +reviewers: + - sig-auth-encryption-at-rest-reviewers +labels: + - sig/auth diff --git a/test/e2e/testing-manifests/auth/encrypt/encryption-config.yaml b/test/e2e/testing-manifests/auth/encrypt/encryption-config.yaml new file mode 100644 index 00000000000..6416ab080a4 --- /dev/null +++ b/test/e2e/testing-manifests/auth/encrypt/encryption-config.yaml @@ -0,0 +1,10 @@ +apiVersion: apiserver.config.k8s.io/v1 +kind: EncryptionConfiguration +resources: + - resources: + - secrets + providers: + - secretbox: + keys: + - name: key1 + secret: YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXoxMjM0NTY= diff --git a/test/e2e/testing-manifests/auth/encrypt/kind.yaml b/test/e2e/testing-manifests/auth/encrypt/kind.yaml new file mode 100644 index 00000000000..0f91fb7c51e --- /dev/null +++ b/test/e2e/testing-manifests/auth/encrypt/kind.yaml @@ -0,0 +1,31 @@ +kind: Cluster +apiVersion: kind.x-k8s.io/v1alpha4 +nodes: +- role: control-plane + extraMounts: + - containerPath: /etc/kubernetes/encryption-config.yaml + hostPath: test/e2e/testing-manifests/auth/encrypt/encryption-config.yaml + readOnly: true + propagation: None + kubeadmConfigPatches: + - | + kind: ClusterConfiguration + apiServer: + extraArgs: + encryption-provider-config: "/etc/kubernetes/encryption-config.yaml" + v: "5" + extraVolumes: + - name: encryption-config + hostPath: "/etc/kubernetes/encryption-config.yaml" + mountPath: "/etc/kubernetes/encryption-config.yaml" + readOnly: true + pathType: File + scheduler: + extraArgs: + v: "5" + controllerManager: + extraArgs: + v: "5" +- role: worker +- role: worker +- role: worker