mirror of
https://github.com/external-secrets/external-secrets.git
synced 2024-12-14 11:57:59 +00:00
a012f4829c
* Adding the details for chef provider secret store. Issue: https://github.com/external-secrets/external-secrets/issues/2905 This commit intends to add the chef provider structure to the existing list of external-secrets providers. It defines the structure of the SecretStore and ClusterSecretStore for chef Provider. The yaml resource will contain 3 important parts to identify and connect to chef server to reconcile secrets. They are: 1. serverurl: This is the URL to the chef server. 2. username: The username to connect to the chef server. 3. auth: The password to connect to the chef server. It is a reference to an already existing kubernetes secret containing the password. This commit also contains the auto generated CRDs using the `make generate` command. Signed-off-by: Subroto Roy <subrotoroy007@gmail.com> * Implementation for Chef ESO provided Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com> * - implemented Chef eso, added required methods - added unit test cases - added sample documentation Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * Added Documentation for Authentication Signed-off-by: Subroto Roy <subrotoroy007@gmail.com> * added documentation for Chef eso Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * Updated chef ESO documentation Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com> * updated ValidateStore method signature Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * made changes in chef provider to satisfy 'make docs' Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * - updated code as per review comment, make reviewable suggestions Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * modified chef provider code as per review comment Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> --------- Signed-off-by: Subroto Roy <subrotoroy007@gmail.com> Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com> Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> Co-authored-by: Subroto Roy <subrotoroy007@gmail.com> Co-authored-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>
48 lines
1.5 KiB
YAML
48 lines
1.5 KiB
YAML
{% raw %}
|
|
apiVersion: external-secrets.io/v1beta1
|
|
kind: ExternalSecret
|
|
metadata:
|
|
name: vivid-external-secrets # name of ExternalSecret
|
|
namespace: vivid # namespace inside which the ExternalSecret will be created
|
|
annotations:
|
|
company/contacts: user.a@company.com, user.b@company.com
|
|
company/team: vivid-dev
|
|
labels:
|
|
app.kubernetes.io/name: external-secrets
|
|
spec:
|
|
refreshInterval: 15m
|
|
secretStoreRef:
|
|
name: vivid-clustersecretstore # name of ClusterSecretStore
|
|
kind: ClusterSecretStore
|
|
data:
|
|
- secretKey: USERNAME
|
|
remoteRef:
|
|
key: vivid_prod/global_user # databagName/dataItemName
|
|
property: username # a json key in dataItem
|
|
- secretKey: PASSWORD
|
|
remoteRef:
|
|
key: vivid_prod/global_user
|
|
property: password
|
|
- secretKey: APIKEY
|
|
remoteRef:
|
|
key: vivid_global/apikey
|
|
property: api_key
|
|
- secretKey: APP_PROPERTIES
|
|
remoteRef:
|
|
key: vivid_global/app_properties # databagName/dataItemName , it will fetch all key-vlaues present in the dataItem
|
|
target:
|
|
name: vivid-credentials # name of kubernetes Secret resource that will be created and will contain the obtained secrets
|
|
creationPolicy: Owner
|
|
template:
|
|
mergePolicy: Replace
|
|
engineVersion: v2
|
|
data:
|
|
secrets.json: |
|
|
{
|
|
"username": "{{ .USERNAME }}",
|
|
"password": "{{ .PASSWORD }}",
|
|
"app_apikey": "{{ .APIKEY }}",
|
|
"app_properties": "{{ .APP_PROPERTIES }}"
|
|
}
|
|
|
|
{% endraw %}
|