generator-gitlab.yaml 966 B

12345678910111213141516171819202122232425
  1. # 1. Create a GitLab access token (personal, group, or project) with the `api`
  2. # scope and at least the Maintainer role on the target project / group.
  3. # https://docs.gitlab.com/api/deploy_tokens/
  4. # 2. Store it in a Kubernetes secret, e.g.
  5. # kubectl create secret generic gitlab-api-token --from-literal=token=glpat-xxxx
  6. ---
  7. apiVersion: generators.external-secrets.io/v1alpha1
  8. kind: GitlabDeployToken
  9. metadata:
  10. name: gitlab-deploy-token
  11. spec:
  12. url: "" # Optional, defaults to https://gitlab.com
  13. projectID: "42" # Numeric ID or unescaped path e.g. group/project. Mutually exclusive with groupID.
  14. # groupID: "7" # Use instead of projectID to create a group deploy token.
  15. name: "eso-managed"
  16. scopes:
  17. - read_repository
  18. - read_registry
  19. expiresAt: "2027-01-01T00:00:00Z" # Optional
  20. username: "eso" # Optional, GitLab defaults to gitlab+deploy-token-{n}
  21. auth:
  22. token:
  23. secretRef:
  24. name: gitlab-api-token
  25. key: token