mirror of
https://github.com/external-secrets/external-secrets.git
synced 2024-12-14 11:57:59 +00:00
3fbe318582
* feat: allow pushing the whole secret to the provider Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * add documentation about pushing a whole secret Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * disabling this feature for the rest of the providers for now Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * added scenario for update with existing property Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
20 lines
842 B
YAML
20 lines
842 B
YAML
apiVersion: external-secrets.io/v1alpha1
|
|
kind: PushSecret
|
|
metadata:
|
|
name: pushsecret-example # Customisable
|
|
namespace: default # Same of the SecretStores
|
|
spec:
|
|
deletionPolicy: Delete # the provider' secret will be deleted if the PushSecret is deleted
|
|
refreshInterval: 10s # Refresh interval for which push secret will reconcile
|
|
secretStoreRefs: # A list of secret stores to push secrets to
|
|
- name: aws-parameterstore
|
|
kind: SecretStore
|
|
selector:
|
|
secret:
|
|
name: pokedex-credentials # Source Kubernetes secret to be pushed
|
|
data:
|
|
- match:
|
|
secretKey: best-pokemon # Source Kubernetes secret key to be pushed
|
|
remoteRef:
|
|
remoteKey: my-first-parameter # Remote reference (where the secret is going to be pushed)
|
|
property: single-value-secret # the property to use to push into
|