logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets


			
				
					
						
						
							1234567891011121314151617181920212223242526272829303132
							apiVersion: v1
kind: Secret
metadata:
  name: source-secret
stringData:
  source-key: "my-secret"
---
apiVersion: external-secrets.io/v1alpha1
kind: PushSecret
metadata:
  name: pushsecret-example # Customisable
spec:
  deletionPolicy: Delete
  refreshInterval: 1h
  secretStoreRefs:
    - name: 1password
      kind: ClusterSecretStore
  selector:
    secret:
      name: source-secret # Source Kubernetes secret
  data:
    - match:
        secretKey: source-key # Source Kubernetes secret key to be pushed
        remoteRef:
          remoteKey: 1pw-secret-name # 1Password item/secret name
          property: password         # (Optional) 1Password field type, default password
      metadata:
        apiVersion: kubernetes.external-secrets.io/v1alpha1
        kind: PushSecretMetadata
        spec:
          vault: staging            # Optional the vault the secret is going to be pushed to, defaults to the first defined vault in the (Cluster)SecretStore
          tags: ["tag1", "tag2"]    # Optional metadata to be pushed with the secret