| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253 |
- apiVersion: external-secrets.io/v1
- kind: SecretStore
- metadata:
- name: infisical
- spec:
- provider:
- infisical:
- # Optional (default: https://app.infisical.com).
- #
- # Override this if you are using a different Infisical instance.
- hostAPI: https://app.infisical.com
- # Optional: PEM-encoded CA bundle for self-hosted instances with private CAs.
- # caBundle: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0t..."
- # Optional: Reference to Secret or ConfigMap containing CA certificate.
- # Mutually exclusive with caBundle.
- # caProvider:
- # type: Secret # or ConfigMap
- # name: infisical-ca
- # key: ca.crt
- # # namespace is required for ClusterSecretStore
- # # namespace: external-secrets
- auth:
- universalAuthCredentials:
- clientId:
- key: clientId
- namespace: default
- name: universal-auth-credentials
- clientSecret:
- key: clientSecret
- namespace: default
- name: universal-auth-credentials
- secretsScope:
- projectSlug: first-project-fujo
- # "dev", "staging", "prod", etc.
- environmentSlug: dev
- # Optional (default: `/`).
- #
- # Secrets will only be retrieved from this path for `data` and `dataFrom` rules. When a
- # `data` `remoteRef` uses a path (e.g. `/foo/bar`), that reference will use an absolute
- # reference and disregard this default.
- #
- # If you need to prevent access to secrets outside of this path, rely on instead setting
- # Access Controls in Infisical.
- secretsPath: /
- # Optional (default: false).
- #
- # When recursive is enabled, secrets retrieved using `dataFrom` patterns will fetch all secrets recursive.
- recursive: false
- # optional
- expandSecretReferences: false # Default is true
|
