mirror of
https://github.com/external-secrets/external-secrets.git
synced 2024-12-14 11:57:59 +00:00
27c5f1f1f2
Signed-off-by: Gustavo <gustavo@externalsecrets.com>
48 lines
1.5 KiB
YAML
48 lines
1.5 KiB
YAML
{% raw %}
|
|
apiVersion: external-secrets.io/v1beta1
|
|
kind: ExternalSecret
|
|
metadata:
|
|
name: vivid-external-secrets # name of ExternalSecret
|
|
namespace: vivid # namespace inside which the ExternalSecret will be created
|
|
annotations:
|
|
company/contacts: user.a@company.com, user.b@company.com
|
|
company/team: vivid-dev
|
|
labels:
|
|
app.kubernetes.io/name: external-secrets
|
|
spec:
|
|
refreshInterval: 1h
|
|
secretStoreRef:
|
|
name: vivid-clustersecretstore # name of ClusterSecretStore
|
|
kind: ClusterSecretStore
|
|
data:
|
|
- secretKey: USERNAME
|
|
remoteRef:
|
|
key: vivid_prod/global_user # databagName/dataItemName
|
|
property: username # a json key in dataItem
|
|
- secretKey: PASSWORD
|
|
remoteRef:
|
|
key: vivid_prod/global_user
|
|
property: password
|
|
- secretKey: APIKEY
|
|
remoteRef:
|
|
key: vivid_global/apikey
|
|
property: api_key
|
|
- secretKey: APP_PROPERTIES
|
|
remoteRef:
|
|
key: vivid_global/app_properties # databagName/dataItemName , it will fetch all key-vlaues present in the dataItem
|
|
target:
|
|
name: vivid-credentials # name of kubernetes Secret resource that will be created and will contain the obtained secrets
|
|
creationPolicy: Owner
|
|
template:
|
|
mergePolicy: Replace
|
|
engineVersion: v2
|
|
data:
|
|
secrets.json: |
|
|
{
|
|
"username": "{{ .USERNAME }}",
|
|
"password": "{{ .PASSWORD }}",
|
|
"app_apikey": "{{ .APIKEY }}",
|
|
"app_properties": "{{ .APP_PROPERTIES }}"
|
|
}
|
|
|
|
{% endraw %}
|