external-secrets/docs/provider-passworddepot.md

External Secrets Operator integrates with [Password Depot API](https://www.password-depot.de/) to sync Password Depot to secrets held on the Kubernetes cluster.

### Authentication

The API requires a username and password. 


```yaml
{% include 'password-depot-credentials-secret.yaml' %}
```

### Update secret store
Be sure the `passworddepot` provider is listed in the `Kind=SecretStore` and host and database are set.

```yaml
{% include 'passworddepot-secret-store.yaml' %}
```


### Creating external secret

To sync a Password Depot variable to a secret on the Kubernetes cluster, a `Kind=ExternalSecret` is needed.

```yaml
{% include 'passworddepot-external-secret.yaml' %}
```

#### Using DataFrom

DataFrom can be used to get a variable as a JSON string and attempt to parse it.

```yaml
{% include 'passworddepot-external-secret-json.yaml' %}
```

### Getting the Kubernetes secret
The operator will fetch the project variable and inject it as a `Kind=Secret`.
```
kubectl get secret passworddepot-secret-to-create -o jsonpath='{.data.secretKey}' | base64 -d
```
Integrate Passworddepot (#2799) * PLAT-1179 \| updated to beta1 Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Updating External Secrets fixes Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Fix to Passworddepots-crds-generation Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| apiextensionsv1 removal Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * Update apis/externalsecrets/v1beta1/secretstore_passworddeport_types.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com> * Update apis/externalsecrets/v1beta1/secretstore_passworddeport_types.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com> * Update apis/externalsecrets/v1beta1/secretstore_types.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com> * PLAT-1179 \| Removed insecureverify and other fixes Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Fixed Linter and Sonar Issues Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Fixed Typo in Passworddepot_api.go Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Resolved go.mod Conflict Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Resolved go.mod conflict typo Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| admission.Warnings error fix Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Added nolint:bodyclose // linters bug Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Removed <= Head arrow from mkdocs.yml Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Added Make Check-Diff Changes Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Changed Error Package, Added Context, API Refactor Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Added const DoRequestError to reduce Codesmell Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Moved defer body close func into ReadAndUnmarshal Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Moved Status Check into ReadAndUnmarshal Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Removed Response.body from ReadAndUnmarshal Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * Update apis/externalsecrets/v1alpha1/secretstore_passworddepot_types.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com> * PLAT-1179 \| Go mod tidy and Make generate Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Added empty SecretExists Method Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Renamed unsed ctx to _ Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> --------- Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com> Co-authored-by: Sören Rohweder <soeren.rohweder@fastleansmart.com> Co-authored-by: Simon Becker <simon.becker@fastleansmart.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> 2024-03-12 12:33:08 +00:00			`External Secrets Operator integrates with [Password Depot API](https://www.password-depot.de/) to sync Password Depot to secrets held on the Kubernetes cluster.`

			`### Authentication`

			`The API requires a username and password.`


			```yaml
			`{% include 'password-depot-credentials-secret.yaml' %}`
			```

			`### Update secret store`
			Be sure the `passworddepot` provider is listed in the `Kind=SecretStore` and host and database are set.

			```yaml
			`{% include 'passworddepot-secret-store.yaml' %}`
			```


			`### Creating external secret`

			To sync a Password Depot variable to a secret on the Kubernetes cluster, a `Kind=ExternalSecret` is needed.

			```yaml
			`{% include 'passworddepot-external-secret.yaml' %}`
			```

			`#### Using DataFrom`

			`DataFrom can be used to get a variable as a JSON string and attempt to parse it.`

			```yaml
			`{% include 'passworddepot-external-secret-json.yaml' %}`
			```

			`### Getting the Kubernetes secret`
			The operator will fetch the project variable and inject it as a `Kind=Secret`.
			```
			`kubectl get secret passworddepot-secret-to-create -o jsonpath='{.data.secretKey}' \| base64 -d`
			```