external-secrets/docs/snippets/azkv-pushsecret-secret.yaml

apiVersion: v1
kind: Secret
metadata:
  name: source-secret
stringData:
  source-key: "my-secret"
---
apiVersion: external-secrets.io/v1alpha1
kind: PushSecret
metadata:
  name: pushsecret-example
  namespace: default
spec:
  refreshInterval: 1h # Refresh interval for which push secret will reconcile
  deletionPolicy: Delete
  secretStoreRefs: # A list of secret stores to push secrets to
    - name: azure-store
      kind: SecretStore
  selector:
    secret:
      name: source-secret # Source Kubernetes secret to be pushed
  data:
    - match:
        secretKey: source-key # Source Kubernetes secret key containing the secret
        remoteRef:
          remoteKey: my-azkv-secret-name 
      metadata:
        apiVersion: kubernetes.external-secrets.io/v1alpha1
        kind: PushSecretMetadata
        spec:
          expirationDate: "2024-12-31T23:59:59Z" # Expiration date for the secret in Azure Key Vault