logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940
							apiVersion: external-secrets.io/v1
kind: SecretStore
metadata:
  name: infisical
spec:
  provider:
    infisical:
      # Optional (default: https://app.infisical.com).
      #
      # Override this if you are using a different Infisical instance.
      hostAPI: https://app.infisical.com
      auth:
        universalAuthCredentials:
          clientId:
            key: clientId
            namespace: default
            name: universal-auth-credentials
          clientSecret:
            key: clientSecret
            namespace: default
            name: universal-auth-credentials
      secretsScope:
        projectSlug: first-project-fujo
        # "dev", "staging", "prod", etc.
        environmentSlug: dev
        # Optional (default: `/`).
        #
        # Secrets will only be retrieved from this path for `data` and `dataFrom` rules. When a
        # `data` `remoteRef` uses a path (e.g. `/foo/bar`), that reference will use an absolute
        # reference and disregard this default.
        #
        # If you need to prevent access to secrets outside of this path, rely on instead setting
        # Access Controls in Infisical.
        secretsPath: /
        # Optional (default: false).
        #
        # When recursive is enabled, secrets retrieved using `dataFrom` patterns will fetch all secrets recursive.
        recursive: false
        # optional
        expandSecretReferences: false # Default is true