| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071 |
- apiVersion: external-secrets.io/v1beta1
- kind: ExternalSecret
- metadata:
- name: example
- spec:
- refreshInterval: 1h # rate SecretManager pulls KeeperSrucity
- secretStoreRef:
- kind: SecretStore
- name: example # name of the SecretStore (or kind specified)
- target:
- name: secret-to-be-created # name of the k8s Secret to be created
- creationPolicy: Owner
- dataFrom:
- - extract:
- key: OqPt3Vd37My7G8rTb-8Q # ID of the Keeper Record
- ---
- apiVersion: external-secrets.io/v1beta1
- kind: ExternalSecret
- metadata:
- name: regcred
- namespace: external-secrets
- spec:
- refreshInterval: 1m
- secretStoreRef:
- name: keeper
- kind: ClusterSecretStore
- target:
- name: regcred
- creationPolicy: Owner
- template:
- engineVersion: v2
- type: kubernetes.io/dockerconfigjson
- data:
- .dockerconfigjson: "{\"auths\":{\"registry.example.com\":{\"username\":\"{{ .username }}\",\"password\":\"{{ .password }}\",\"auth\":\"{{(printf \"%s:%s\" .username .password) | b64enc }}\"}}}"
- data:
- - secretKey: username
- remoteRef:
- key: OqPt3Vd37My7G8rTb-8Q
- property: login
- - secretKey: password
- remoteRef:
- key: OqPt3Vd37My7G8rTb-8Q
- property: password
- ---
- apiVersion: external-secrets.io/v1beta1
- kind: ExternalSecret
- metadata:
- name: config
- namespace: external-secrets
- spec:
- refreshInterval: 1m
- secretStoreRef:
- name: keeper
- kind: ClusterSecretStore
- target:
- name: credentials
- creationPolicy: Owner
- template:
- engineVersion: v2
- data:
- username: "{{ .login }}"
- password: "{{ .password }}"
- data:
- - secretKey: login
- remoteRef:
- key: OqPt3Vd37My7G8rTb-8Q
- property: login
- - secretKey: password
- remoteRef:
- key: OqPt3Vd37My7G8rTb-8Q
- property: password
|
