external-secrets/docs/snippets/vault-anchore-engine-access-credentials-external-secret.yaml

{% raw %}
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: anchore-access-credentials
  namespace: security
spec:
  refreshInterval: 1m
  secretStoreRef:
    name: vault-backend
    kind: ClusterSecretStore
  target:
    name: anchore-access-credentials
    template:

      data:
        ANCHORE_ADMIN_USERNAME: >-
          {{ printf "{{ .username | toString }}" }}
        ANCHORE_ADMIN_PASSWORD: >-
          {{ printf "{{ .password | toString }}" }}
        ANCHORE_DB_PASSWORD: >-
          {{ printf "{{ .dbPassword | toString }}" }}
        db-url: >-
          {{ printf "{{ .dbUrl | toString }}" }}
        db-user: >-
          {{ printf "{{ .dbUser | toString }}" }}
        postgres-password: >-
          {{ printf "{{ .postgresPassword | toString }}" }}

  data:
    - secretKey: password
      remoteRef:
        key: anchore-engine
        property: ANCHORE_ADMIN_PASSWORD
    - secretKey: username
      remoteRef:
        key: anchore-engine
        property: ANCHORE_ADMIN_USERNAME
    - secretKey: dbPassword
      remoteRef:
        key: anchore-engine
        property: ANCHORE_DB_PASSWORD
    - secretKey: dbUrl
      remoteRef:
        key: anchore-engine
        property: db-url
    - secretKey: dbUser
      remoteRef:
        key: anchore-engine
        property: db-user
    - secretKey: postgresPassword
      remoteRef:
        key: anchore-engine
        property: postgres-password
{% endraw %}
feat: anchore and jenkins guides with snippets (#682) Co-authored-by: Lucas Severo Alves <lucassalves65@gmail.com> Co-authored-by: Surjit Bains <surjit.bains@gmail.com> 2022-02-07 11:14:06 +00:00			`{% raw %}`
Adding docs and implementing ConversionStrategy Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com> 2022-03-09 09:48:25 +00:00			`apiVersion: external-secrets.io/v1beta1`
feat: anchore and jenkins guides with snippets (#682) Co-authored-by: Lucas Severo Alves <lucassalves65@gmail.com> Co-authored-by: Surjit Bains <surjit.bains@gmail.com> 2022-02-07 11:14:06 +00:00			`kind: ExternalSecret`
			`metadata:`
			`name: anchore-access-credentials`
			`namespace: security`
			`spec:`
			`refreshInterval: 1m`
			`secretStoreRef:`
			`name: vault-backend`
			`kind: ClusterSecretStore`
			`target:`
			`name: anchore-access-credentials`
			`template:`

			`data:`
			`ANCHORE_ADMIN_USERNAME: >-`
			`{{ printf "{{ .username \| toString }}" }}`
			`ANCHORE_ADMIN_PASSWORD: >-`
			`{{ printf "{{ .password \| toString }}" }}`
			`ANCHORE_DB_PASSWORD: >-`
			`{{ printf "{{ .dbPassword \| toString }}" }}`
			`db-url: >-`
			`{{ printf "{{ .dbUrl \| toString }}" }}`
			`db-user: >-`
			`{{ printf "{{ .dbUser \| toString }}" }}`
			`postgres-password: >-`
			`{{ printf "{{ .postgresPassword \| toString }}" }}`

			`data:`
			`- secretKey: password`
			`remoteRef:`
			`key: anchore-engine`
			`property: ANCHORE_ADMIN_PASSWORD`
			`- secretKey: username`
			`remoteRef:`
			`key: anchore-engine`
			`property: ANCHORE_ADMIN_USERNAME`
			`- secretKey: dbPassword`
			`remoteRef:`
			`key: anchore-engine`
			`property: ANCHORE_DB_PASSWORD`
			`- secretKey: dbUrl`
			`remoteRef:`
			`key: anchore-engine`
			`property: db-url`
			`- secretKey: dbUser`
			`remoteRef:`
			`key: anchore-engine`
			`property: db-user`
			`- secretKey: postgresPassword`
			`remoteRef:`
			`key: anchore-engine`
			`property: postgres-password`
			`{% endraw %}`