helm-external-secrets/v0.10.2/examples/gitops-using-fluxcd/index.html

<!doctype html>
<html lang="en" class="no-js">
  <head>
    
      <meta charset="utf-8">
      <meta name="viewport" content="width=device-width,initial-scale=1">
      
      
      
      
        <link rel="prev" href="../../provider/infisical/">
      
      
        <link rel="next" href="../anchore-engine-credentials/">
      
      
      <link rel="icon" href="../../pictures/eso-round-logo.svg">
      <meta name="generator" content="mkdocs-1.6.0, mkdocs-material-9.5.33">
    
    
      
        <title>FluxCD - External Secrets Operator</title>
      
    
    
      <link rel="stylesheet" href="../../assets/stylesheets/main.3cba04c6.min.css">
      
      


    
    
      
    
    
      
        
        
        <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
        <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback">
        <style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style>
      
    
    
    <script>__md_scope=new URL("../..",location),__md_hash=e=>[...e].reduce((e,_)=>(e<<5)-e+_.charCodeAt(0),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
    
      
  


  
  

<script id="__analytics">function __md_analytics(){function n(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],n("js",new Date),n("config","G-QP38TD8K7V"),document.addEventListener("DOMContentLoaded",function(){document.forms.search&&document.forms.search.query.addEventListener("blur",function(){this.value&&n("event","search",{search_term:this.value})}),document$.subscribe(function(){var a=document.forms.feedback;if(void 0!==a)for(var e of a.querySelectorAll("[type=submit]"))e.addEventListener("click",function(e){e.preventDefault();var t=document.location.pathname,e=this.getAttribute("data-md-value");n("event","feedback",{page:t,data:e}),a.firstElementChild.disabled=!0;e=a.querySelector(".md-feedback__note [data-md-value='"+e+"']");e&&(e.hidden=!1)}),a.hidden=!1}),location$.subscribe(function(e){n("config","G-QP38TD8K7V",{page_path:e.pathname})})});var e=document.createElement("script");e.async=!0,e.src="https://www.googletagmanager.com/gtag/js?id=G-QP38TD8K7V",document.getElementById("__analytics").insertAdjacentElement("afterEnd",e)}</script>
  
    <script>"undefined"!=typeof __md_analytics&&__md_analytics()</script>
  

    
    
    
  </head>
  
  
    <body dir="ltr">
  
    
    <input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
    <input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
    <label class="md-overlay" for="__drawer"></label>
    <div data-md-component="skip">
      
        
        <a href="#gitops-using-fluxcd-v2" class="md-skip">
          Skip to content
        </a>
      
    </div>
    <div data-md-component="announce">
      
    </div>
    
      <div data-md-color-scheme="default" data-md-component="outdated" hidden>
        
          <aside class="md-banner md-banner--warning">
            <div class="md-banner__inner md-grid md-typeset">
              
  You're not viewing the latest version.
  <a href="../../..">
    <strong>Click here to go to latest.</strong>
  </a>

            </div>
            <script>var el=document.querySelector("[data-md-component=outdated]"),outdated=__md_get("__outdated",sessionStorage);!0===outdated&&el&&(el.hidden=!1)</script>
          </aside>
        
      </div>
    
    
      

<header class="md-header" data-md-component="header">
  <nav class="md-header__inner md-grid" aria-label="Header">
    <a href="../.." title="External Secrets Operator" class="md-header__button md-logo" aria-label="External Secrets Operator" data-md-component="logo">
      
  <img src="../../pictures/eso-round-logo.svg" alt="logo">

    </a>
    <label class="md-header__button md-icon" for="__drawer">
      
      <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2Z"/></svg>
    </label>
    <div class="md-header__title" data-md-component="header-title">
      <div class="md-header__ellipsis">
        <div class="md-header__topic">
          <span class="md-ellipsis">
            External Secrets Operator
          </span>
        </div>
        <div class="md-header__topic" data-md-component="header-topic">
          <span class="md-ellipsis">
            
              FluxCD
            
          </span>
        </div>
      </div>
    </div>
    
    
      <script>var media,input,key,value,palette=__md_get("__palette");if(palette&&palette.color){"(prefers-color-scheme)"===palette.color.media&&(media=matchMedia("(prefers-color-scheme: light)"),input=document.querySelector(media.matches?"[data-md-color-media='(prefers-color-scheme: light)']":"[data-md-color-media='(prefers-color-scheme: dark)']"),palette.color.media=input.getAttribute("data-md-color-media"),palette.color.scheme=input.getAttribute("data-md-color-scheme"),palette.color.primary=input.getAttribute("data-md-color-primary"),palette.color.accent=input.getAttribute("data-md-color-accent"));for([key,value]of Object.entries(palette.color))document.body.setAttribute("data-md-color-"+key,value)}</script>
    
    
    
      <label class="md-header__button md-icon" for="__search">
        
        <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
      </label>
      <div class="md-search" data-md-component="search" role="dialog">
  <label class="md-search__overlay" for="__search"></label>
  <div class="md-search__inner" role="search">
    <form class="md-search__form" name="search">
      <input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
      <label class="md-search__icon md-icon" for="__search">
        
        <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
        
        <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
      </label>
      <nav class="md-search__options" aria-label="Search">
        
        <button type="reset" class="md-search__icon md-icon" title="Clear" aria-label="Clear" tabindex="-1">
          
          <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg>
        </button>
      </nav>
      
    </form>
    <div class="md-search__output">
      <div class="md-search__scrollwrap" tabindex="0" data-md-scrollfix>
        <div class="md-search-result" data-md-component="search-result">
          <div class="md-search-result__meta">
            Initializing search
          </div>
          <ol class="md-search-result__list" role="presentation"></ol>
        </div>
      </div>
    </div>
  </div>
</div>
    
    
      <div class="md-header__source">
        <a href="https://github.com/external-secrets/external-secrets" title="Go to repository" class="md-source" data-md-component="source">
  <div class="md-source__icon md-icon">
    
    <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.6.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2024 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
  </div>
  <div class="md-source__repository">
    External Secrets Operator
  </div>
</a>
      </div>
    
  </nav>
  
</header>
    
    <div class="md-container" data-md-component="container">
      
      
        
          
            
<nav class="md-tabs" aria-label="Tabs" data-md-component="tabs">
  <div class="md-grid">
    <ul class="md-tabs__list">
      
        
  
  
  
    
    
      <li class="md-tabs__item">
        <a href="../.." class="md-tabs__link">
          
  
    
  
  Introduction

        </a>
      </li>
    
  

      
        
  
  
  
    
    
      <li class="md-tabs__item">
        <a href="../../api/components/" class="md-tabs__link">
          
  
    
  
  API

        </a>
      </li>
    
  

      
        
  
  
  
    
    
      <li class="md-tabs__item">
        <a href="../../guides/introduction/" class="md-tabs__link">
          
  
    
  
  Guides

        </a>
      </li>
    
  

      
        
  
  
  
    
    
      <li class="md-tabs__item">
        <a href="../../provider/aws-secrets-manager/" class="md-tabs__link">
          
  
    
  
  Provider

        </a>
      </li>
    
  

      
        
  
  
    
  
  
    
    
      <li class="md-tabs__item md-tabs__item--active">
        <a href="./" class="md-tabs__link">
          
  
    
  
  Examples

        </a>
      </li>
    
  

      
        
  
  
  
    
    
      
  
  
  
    
    
      <li class="md-tabs__item">
        <a href="../../contributing/devguide/" class="md-tabs__link">
          
  
    
  
  Community

        </a>
      </li>
    
  

    
  

      
        
  
  
  
    
    
      <li class="md-tabs__item">
        <a href="../../spec/" class="md-tabs__link">
          
  
    
  
  References

        </a>
      </li>
    
  

      
    </ul>
  </div>
</nav>
          
        
      
      <main class="md-main" data-md-component="main">
        <div class="md-main__inner md-grid">
          
            
              
              <div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
                <div class="md-sidebar__scrollwrap">
                  <div class="md-sidebar__inner">
                    


  


<nav class="md-nav md-nav--primary md-nav--lifted" aria-label="Navigation" data-md-level="0">
  <label class="md-nav__title" for="__drawer">
    <a href="../.." title="External Secrets Operator" class="md-nav__button md-logo" aria-label="External Secrets Operator" data-md-component="logo">
      
  <img src="../../pictures/eso-round-logo.svg" alt="logo">

    </a>
    External Secrets Operator
  </label>
  
    <div class="md-nav__source">
      <a href="https://github.com/external-secrets/external-secrets" title="Go to repository" class="md-source" data-md-component="source">
  <div class="md-source__icon md-icon">
    
    <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.6.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2024 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
  </div>
  <div class="md-source__repository">
    External Secrets Operator
  </div>
</a>
    </div>
  
  <ul class="md-nav__list" data-md-scrollfix>
    
      
      
  
  
  
  
    
    
      
        
          
        
      
        
      
        
      
        
      
        
      
        
      
    
    
      
      
    
    
    <li class="md-nav__item md-nav__item--nested">
      
        
        
          
        
        <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_1" >
        
          
          
          <div class="md-nav__link md-nav__container">
            <a href="../.." class="md-nav__link ">
              
  
  <span class="md-ellipsis">
    Introduction
  </span>
  

            </a>
            
              
              <label class="md-nav__link " for="__nav_1" id="__nav_1_label" tabindex="0">
                <span class="md-nav__icon md-icon"></span>
              </label>
            
          </div>
        
        <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_1_label" aria-expanded="false">
          <label class="md-nav__title" for="__nav_1">
            <span class="md-nav__icon md-icon"></span>
            Introduction
          </label>
          <ul class="md-nav__list" data-md-scrollfix>
            
              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../introduction/overview/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Overview
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../introduction/getting-started/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Getting started
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../introduction/faq/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    FAQ
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../introduction/stability-support/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Stability and Support
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../introduction/deprecation-policy/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Deprecation Policy
  </span>
  

      </a>
    </li>
  

              
            
          </ul>
        </nav>
      
    </li>
  

    
      
      
  
  
  
  
    
    
      
        
      
        
      
        
      
        
      
    
    
      
      
    
    
    <li class="md-nav__item md-nav__item--nested">
      
        
        
          
        
        <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_2" >
        
          
          <label class="md-nav__link" for="__nav_2" id="__nav_2_label" tabindex="0">
            
  
  <span class="md-ellipsis">
    API
  </span>
  

            <span class="md-nav__icon md-icon"></span>
          </label>
        
        <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_2_label" aria-expanded="false">
          <label class="md-nav__title" for="__nav_2">
            <span class="md-nav__icon md-icon"></span>
            API
          </label>
          <ul class="md-nav__list" data-md-scrollfix>
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../api/components/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Components
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    
    
      
        
      
        
      
        
      
        
      
        
      
    
    
      
      
    
    
    <li class="md-nav__item md-nav__item--nested">
      
        
        
          
        
        <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_2_2" >
        
          
          <label class="md-nav__link" for="__nav_2_2" id="__nav_2_2_label" tabindex="0">
            
  
  <span class="md-ellipsis">
    Core Resources
  </span>
  

            <span class="md-nav__icon md-icon"></span>
          </label>
        
        <nav class="md-nav" data-md-level="2" aria-labelledby="__nav_2_2_label" aria-expanded="false">
          <label class="md-nav__title" for="__nav_2_2">
            <span class="md-nav__icon md-icon"></span>
            Core Resources
          </label>
          <ul class="md-nav__list" data-md-scrollfix>
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../api/externalsecret/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    ExternalSecret
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../api/secretstore/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    SecretStore
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../api/clustersecretstore/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    ClusterSecretStore
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../api/clusterexternalsecret/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    ClusterExternalSecret
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../api/pushsecret/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    PushSecret
  </span>
  

      </a>
    </li>
  

              
            
          </ul>
        </nav>
      
    </li>
  

              
            
              
                
  
  
  
  
    
    
      
        
          
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
    
    
      
      
    
    
    <li class="md-nav__item md-nav__item--nested">
      
        
        
          
        
        <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_2_3" >
        
          
          
          <div class="md-nav__link md-nav__container">
            <a href="../../api/generator/" class="md-nav__link ">
              
  
  <span class="md-ellipsis">
    Generators
  </span>
  

            </a>
            
              
              <label class="md-nav__link " for="__nav_2_3" id="__nav_2_3_label" tabindex="0">
                <span class="md-nav__icon md-icon"></span>
              </label>
            
          </div>
        
        <nav class="md-nav" data-md-level="2" aria-labelledby="__nav_2_3_label" aria-expanded="false">
          <label class="md-nav__title" for="__nav_2_3">
            <span class="md-nav__icon md-icon"></span>
            Generators
          </label>
          <ul class="md-nav__list" data-md-scrollfix>
            
              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../api/generator/acr/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Azure Container Registry
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../api/generator/ecr/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    AWS Elastic Container Registry
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../api/generator/gcr/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Google Container Registry
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../api/generator/vault/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Vault Dynamic Secret
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../api/generator/password/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Password
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../api/generator/fake/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Fake
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../api/generator/webhook/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Webhook
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../api/generator/github/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Github
  </span>
  

      </a>
    </li>
  

              
            
          </ul>
        </nav>
      
    </li>
  

              
            
              
                
  
  
  
  
    
    
      
        
      
        
      
        
      
    
    
      
      
    
    
    <li class="md-nav__item md-nav__item--nested">
      
        
        
          
        
        <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_2_4" >
        
          
          <label class="md-nav__link" for="__nav_2_4" id="__nav_2_4_label" tabindex="0">
            
  
  <span class="md-ellipsis">
    Reference Docs
  </span>
  

            <span class="md-nav__icon md-icon"></span>
          </label>
        
        <nav class="md-nav" data-md-level="2" aria-labelledby="__nav_2_4_label" aria-expanded="false">
          <label class="md-nav__title" for="__nav_2_4">
            <span class="md-nav__icon md-icon"></span>
            Reference Docs
          </label>
          <ul class="md-nav__list" data-md-scrollfix>
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../api/spec/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    API specification
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../api/controller-options/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Controller Options
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../api/metrics/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Metrics
  </span>
  

      </a>
    </li>
  

              
            
          </ul>
        </nav>
      
    </li>
  

              
            
          </ul>
        </nav>
      
    </li>
  

    
      
      
  
  
  
  
    
    
      
        
      
        
      
        
      
        
      
        
      
    
    
      
      
    
    
    <li class="md-nav__item md-nav__item--nested">
      
        
        
          
        
        <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_3" >
        
          
          <label class="md-nav__link" for="__nav_3" id="__nav_3_label" tabindex="0">
            
  
  <span class="md-ellipsis">
    Guides
  </span>
  

            <span class="md-nav__icon md-icon"></span>
          </label>
        
        <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_3_label" aria-expanded="false">
          <label class="md-nav__title" for="__nav_3">
            <span class="md-nav__icon md-icon"></span>
            Guides
          </label>
          <ul class="md-nav__list" data-md-scrollfix>
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../guides/introduction/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Introduction
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    
    
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
    
    
      
      
    
    
    <li class="md-nav__item md-nav__item--nested">
      
        
        
          
        
        <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_3_2" >
        
          
          <label class="md-nav__link" for="__nav_3_2" id="__nav_3_2_label" tabindex="0">
            
  
  <span class="md-ellipsis">
    External Secrets
  </span>
  

            <span class="md-nav__icon md-icon"></span>
          </label>
        
        <nav class="md-nav" data-md-level="2" aria-labelledby="__nav_3_2_label" aria-expanded="false">
          <label class="md-nav__title" for="__nav_3_2">
            <span class="md-nav__icon md-icon"></span>
            External Secrets
          </label>
          <ul class="md-nav__list" data-md-scrollfix>
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../guides/all-keys-one-secret/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Extract structured data
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../guides/getallsecrets/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Find Secrets by Name or Metadata
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../guides/datafrom-rewrite/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Rewriting Keys
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    
    
      
        
      
        
      
    
    
      
      
    
    
    <li class="md-nav__item md-nav__item--nested">
      
        
        
          
        
        <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_3_2_4" >
        
          
          <label class="md-nav__link" for="__nav_3_2_4" id="__nav_3_2_4_label" tabindex="0">
            
  
  <span class="md-ellipsis">
    Advanced Templating
  </span>
  

            <span class="md-nav__icon md-icon"></span>
          </label>
        
        <nav class="md-nav" data-md-level="3" aria-labelledby="__nav_3_2_4_label" aria-expanded="false">
          <label class="md-nav__title" for="__nav_3_2_4">
            <span class="md-nav__icon md-icon"></span>
            Advanced Templating
          </label>
          <ul class="md-nav__list" data-md-scrollfix>
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../guides/templating/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    v2
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../guides/templating-v1/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    v1
  </span>
  

      </a>
    </li>
  

              
            
          </ul>
        </nav>
      
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../guides/common-k8s-secret-types/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Kubernetes Secret Types
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../guides/ownership-deletion-policy/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Lifecycle: ownership & deletion
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../guides/decoding-strategy/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Decoding Strategies
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../guides/controller-class/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Controller Classes
  </span>
  

      </a>
    </li>
  

              
            
          </ul>
        </nav>
      
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../guides/generator/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Generators
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../guides/pushsecrets/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Push Secrets
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    
    
      
        
      
        
      
        
      
        
      
        
      
        
      
    
    
      
      
    
    
    <li class="md-nav__item md-nav__item--nested">
      
        
        
          
        
        <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_3_5" >
        
          
          <label class="md-nav__link" for="__nav_3_5" id="__nav_3_5_label" tabindex="0">
            
  
  <span class="md-ellipsis">
    Operations
  </span>
  

            <span class="md-nav__icon md-icon"></span>
          </label>
        
        <nav class="md-nav" data-md-level="2" aria-labelledby="__nav_3_5_label" aria-expanded="false">
          <label class="md-nav__title" for="__nav_3_5">
            <span class="md-nav__icon md-icon"></span>
            Operations
          </label>
          <ul class="md-nav__list" data-md-scrollfix>
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../guides/multi-tenancy/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Multi Tenancy
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../guides/security-best-practices/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Security Best Practices
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../guides/threat-model/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Threat Model
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../guides/v1beta1/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Upgrading to v1beta1
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../guides/using-latest-image/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Using Latest Image
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../guides/disable-cluster-features/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Disable Cluster Features
  </span>
  

      </a>
    </li>
  

              
            
          </ul>
        </nav>
      
    </li>
  

              
            
          </ul>
        </nav>
      
    </li>
  

    
      
      
  
  
  
  
    
    
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
        
      
    
    
      
      
    
    
    <li class="md-nav__item md-nav__item--nested">
      
        
        
          
        
        <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_4" >
        
          
          <label class="md-nav__link" for="__nav_4" id="__nav_4_label" tabindex="0">
            
  
  <span class="md-ellipsis">
    Provider
  </span>
  

            <span class="md-nav__icon md-icon"></span>
          </label>
        
        <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_4_label" aria-expanded="false">
          <label class="md-nav__title" for="__nav_4">
            <span class="md-nav__icon md-icon"></span>
            Provider
          </label>
          <ul class="md-nav__list" data-md-scrollfix>
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/aws-secrets-manager/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    AWS Secrets Manager
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/aws-parameter-store/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    AWS Parameter Store
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/azure-key-vault/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Azure Key Vault
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/bitwarden-secrets-manager/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Bitwarden Secrets Manager
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/chef/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Chef
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/conjur/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    CyberArk Conjur
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/device42/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Device42
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/google-secrets-manager/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Google Cloud Secret Manager
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/hashicorp-vault/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    HashiCorp Vault
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/kubernetes/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Kubernetes
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/ibm-secrets-manager/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    IBM Secrets Manager
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/akeyless/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Akeyless
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/yandex-certificate-manager/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Yandex Certificate Manager
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/yandex-lockbox/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Yandex Lockbox
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/alibaba/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Alibaba Cloud
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/gitlab-variables/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    GitLab Variables
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/oracle-vault/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Oracle Vault
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/1password-automation/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    1Password Secrets Automation
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/webhook/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Webhook
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/fake/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Fake
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/senhasegura-dsm/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    senhasegura DevOps Secrets Management (DSM)
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/doppler/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Doppler
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/keeper-security/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Keeper Security
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/cloak/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Cloak End 2 End Encrypted Secrets
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/scaleway/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Scaleway
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/delinea/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Delinea
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/delinea/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Delinea
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/passbolt/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Passbolt
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/pulumi/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Pulumi ESC
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/onboardbase/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Onboardbase
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider-passworddepot/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Password Depot
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/fortanix/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Fortanix
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../provider/infisical/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Infisical
  </span>
  

      </a>
    </li>
  

              
            
          </ul>
        </nav>
      
    </li>
  

    
      
      
  
  
    
  
  
  
    
    
      
        
      
        
      
        
      
        
      
    
    
      
        
        
      
      
    
    
    <li class="md-nav__item md-nav__item--active md-nav__item--section md-nav__item--nested">
      
        
        
        <input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_5" checked>
        
          
          <label class="md-nav__link" for="__nav_5" id="__nav_5_label" tabindex="">
            
  
  <span class="md-ellipsis">
    Examples
  </span>
  

            <span class="md-nav__icon md-icon"></span>
          </label>
        
        <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_5_label" aria-expanded="true">
          <label class="md-nav__title" for="__nav_5">
            <span class="md-nav__icon md-icon"></span>
            Examples
          </label>
          <ul class="md-nav__list" data-md-scrollfix>
            
              
                
  
  
    
  
  
  
    <li class="md-nav__item md-nav__item--active">
      
      <input class="md-nav__toggle md-toggle" type="checkbox" id="__toc">
      
      
        
      
      
        <label class="md-nav__link md-nav__link--active" for="__toc">
          
  
  <span class="md-ellipsis">
    FluxCD
  </span>
  

          <span class="md-nav__icon md-icon"></span>
        </label>
      
      <a href="./" class="md-nav__link md-nav__link--active">
        
  
  <span class="md-ellipsis">
    FluxCD
  </span>
  

      </a>
      
        

<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
  
  
  
    
  
  
    <label class="md-nav__title" for="__toc">
      <span class="md-nav__icon md-icon"></span>
      Table of contents
    </label>
    <ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
      
        <li class="md-nav__item">
  <a href="#advantages" class="md-nav__link">
    <span class="md-ellipsis">
      Advantages
    </span>
  </a>
  
</li>
      
        <li class="md-nav__item">
  <a href="#the-approach" class="md-nav__link">
    <span class="md-ellipsis">
      The approach
    </span>
  </a>
  
</li>
      
        <li class="md-nav__item">
  <a href="#the-problem" class="md-nav__link">
    <span class="md-ellipsis">
      The problem
    </span>
  </a>
  
</li>
      
        <li class="md-nav__item">
  <a href="#the-solution" class="md-nav__link">
    <span class="md-ellipsis">
      The solution
    </span>
  </a>
  
</li>
      
        <li class="md-nav__item">
  <a href="#create-the-main-kustomization" class="md-nav__link">
    <span class="md-ellipsis">
      Create the main kustomization
    </span>
  </a>
  
</li>
      
        <li class="md-nav__item">
  <a href="#create-the-secret" class="md-nav__link">
    <span class="md-ellipsis">
      Create the secret
    </span>
  </a>
  
</li>
      
        <li class="md-nav__item">
  <a href="#creating-the-references-to-repositories" class="md-nav__link">
    <span class="md-ellipsis">
      Creating the references to repositories
    </span>
  </a>
  
</li>
      
        <li class="md-nav__item">
  <a href="#deploy-the-crds" class="md-nav__link">
    <span class="md-ellipsis">
      Deploy the CRDs
    </span>
  </a>
  
</li>
      
        <li class="md-nav__item">
  <a href="#deploy-the-operator" class="md-nav__link">
    <span class="md-ellipsis">
      Deploy the operator
    </span>
  </a>
  
</li>
      
        <li class="md-nav__item">
  <a href="#deploy-the-crs" class="md-nav__link">
    <span class="md-ellipsis">
      Deploy the CRs
    </span>
  </a>
  
</li>
      
        <li class="md-nav__item">
  <a href="#results" class="md-nav__link">
    <span class="md-ellipsis">
      Results
    </span>
  </a>
  
</li>
      
    </ul>
  
</nav>
      
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../anchore-engine-credentials/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Anchore Engine
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../jenkins-kubernetes-credentials/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Jenkins
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../bitwarden/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    BitWarden
  </span>
  

      </a>
    </li>
  

              
            
          </ul>
        </nav>
      
    </li>
  

    
      
      
  
  
  
  
    
    
      
        
      
        
      
    
    
      
      
    
    
    <li class="md-nav__item md-nav__item--nested">
      
        
        
          
        
        <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_6" >
        
          
          <label class="md-nav__link" for="__nav_6" id="__nav_6_label" tabindex="0">
            
  
  <span class="md-ellipsis">
    Community
  </span>
  

            <span class="md-nav__icon md-icon"></span>
          </label>
        
        <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_6_label" aria-expanded="false">
          <label class="md-nav__title" for="__nav_6">
            <span class="md-nav__icon md-icon"></span>
            Community
          </label>
          <ul class="md-nav__list" data-md-scrollfix>
            
              
                
  
  
  
  
    
    
      
        
      
        
      
        
      
        
      
        
      
    
    
      
      
    
    
    <li class="md-nav__item md-nav__item--nested">
      
        
        
          
        
        <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_6_1" >
        
          
          <label class="md-nav__link" for="__nav_6_1" id="__nav_6_1_label" tabindex="0">
            
  
  <span class="md-ellipsis">
    Contributing
  </span>
  

            <span class="md-nav__icon md-icon"></span>
          </label>
        
        <nav class="md-nav" data-md-level="2" aria-labelledby="__nav_6_1_label" aria-expanded="false">
          <label class="md-nav__title" for="__nav_6_1">
            <span class="md-nav__icon md-icon"></span>
            Contributing
          </label>
          <ul class="md-nav__list" data-md-scrollfix>
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../contributing/devguide/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Developer guide
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../contributing/process/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Contributing Process
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../contributing/release/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Release Process
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../contributing/coc/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Code of Conduct
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../contributing/roadmap/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Roadmap
  </span>
  

      </a>
    </li>
  

              
            
          </ul>
        </nav>
      
    </li>
  

              
            
              
                
  
  
  
  
    
    
      
        
      
        
      
        
      
    
    
      
      
    
    
    <li class="md-nav__item md-nav__item--nested">
      
        
        
          
        
        <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_6_2" >
        
          
          <label class="md-nav__link" for="__nav_6_2" id="__nav_6_2_label" tabindex="0">
            
  
  <span class="md-ellipsis">
    External Resources
  </span>
  

            <span class="md-nav__icon md-icon"></span>
          </label>
        
        <nav class="md-nav" data-md-level="2" aria-labelledby="__nav_6_2_label" aria-expanded="false">
          <label class="md-nav__title" for="__nav_6_2">
            <span class="md-nav__icon md-icon"></span>
            External Resources
          </label>
          <ul class="md-nav__list" data-md-scrollfix>
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../eso-talks/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Talks
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../eso-demos/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Demos
  </span>
  

      </a>
    </li>
  

              
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../eso-blogs/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    Blogs
  </span>
  

      </a>
    </li>
  

              
            
          </ul>
        </nav>
      
    </li>
  

              
            
          </ul>
        </nav>
      
    </li>
  

    
      
      
  
  
  
  
    
    
      
        
      
    
    
      
      
    
    
    <li class="md-nav__item md-nav__item--nested">
      
        
        
          
        
        <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_7" >
        
          
          <label class="md-nav__link" for="__nav_7" id="__nav_7_label" tabindex="0">
            
  
  <span class="md-ellipsis">
    References
  </span>
  

            <span class="md-nav__icon md-icon"></span>
          </label>
        
        <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_7_label" aria-expanded="false">
          <label class="md-nav__title" for="__nav_7">
            <span class="md-nav__icon md-icon"></span>
            References
          </label>
          <ul class="md-nav__list" data-md-scrollfix>
            
              
                
  
  
  
  
    <li class="md-nav__item">
      <a href="../../spec/" class="md-nav__link">
        
  
  <span class="md-ellipsis">
    API specification
  </span>
  

      </a>
    </li>
  

              
            
          </ul>
        </nav>
      
    </li>
  

    
  </ul>
</nav>
                  </div>
                </div>
              </div>
            
            
              
              <div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" >
                <div class="md-sidebar__scrollwrap">
                  <div class="md-sidebar__inner">
                    

<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
  
  
  
    
  
  
    <label class="md-nav__title" for="__toc">
      <span class="md-nav__icon md-icon"></span>
      Table of contents
    </label>
    <ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
      
        <li class="md-nav__item">
  <a href="#advantages" class="md-nav__link">
    <span class="md-ellipsis">
      Advantages
    </span>
  </a>
  
</li>
      
        <li class="md-nav__item">
  <a href="#the-approach" class="md-nav__link">
    <span class="md-ellipsis">
      The approach
    </span>
  </a>
  
</li>
      
        <li class="md-nav__item">
  <a href="#the-problem" class="md-nav__link">
    <span class="md-ellipsis">
      The problem
    </span>
  </a>
  
</li>
      
        <li class="md-nav__item">
  <a href="#the-solution" class="md-nav__link">
    <span class="md-ellipsis">
      The solution
    </span>
  </a>
  
</li>
      
        <li class="md-nav__item">
  <a href="#create-the-main-kustomization" class="md-nav__link">
    <span class="md-ellipsis">
      Create the main kustomization
    </span>
  </a>
  
</li>
      
        <li class="md-nav__item">
  <a href="#create-the-secret" class="md-nav__link">
    <span class="md-ellipsis">
      Create the secret
    </span>
  </a>
  
</li>
      
        <li class="md-nav__item">
  <a href="#creating-the-references-to-repositories" class="md-nav__link">
    <span class="md-ellipsis">
      Creating the references to repositories
    </span>
  </a>
  
</li>
      
        <li class="md-nav__item">
  <a href="#deploy-the-crds" class="md-nav__link">
    <span class="md-ellipsis">
      Deploy the CRDs
    </span>
  </a>
  
</li>
      
        <li class="md-nav__item">
  <a href="#deploy-the-operator" class="md-nav__link">
    <span class="md-ellipsis">
      Deploy the operator
    </span>
  </a>
  
</li>
      
        <li class="md-nav__item">
  <a href="#deploy-the-crs" class="md-nav__link">
    <span class="md-ellipsis">
      Deploy the CRs
    </span>
  </a>
  
</li>
      
        <li class="md-nav__item">
  <a href="#results" class="md-nav__link">
    <span class="md-ellipsis">
      Results
    </span>
  </a>
  
</li>
      
    </ul>
  
</nav>
                  </div>
                </div>
              </div>
            
          
          
            <div class="md-content" data-md-component="content">
              <article class="md-content__inner md-typeset">
                
                  

  
  


<h1 id="gitops-using-fluxcd-v2">GitOps using FluxCD (v2)</h1>
<p>FluxCD is a GitOps operator for Kubernetes. It synchronizes the status of the cluster from manifests allocated in
different repositories (Git or Helm). This approach fits perfectly with External Secrets on clusters which are dynamically
created, to get credentials with no manual intervention from the beginning.</p>
<h2 id="advantages">Advantages</h2>
<p>This approach has several advantages as follows:</p>
<ul>
<li><strong>Homogenize environments</strong> allowing developers to use the same toolset in Kind in the same way they do in the cloud
  provider distributions such as EKS or GKE. This accelerates the development</li>
<li><strong>Reduce security risks</strong>, because credentials can be easily obtained, so temptation to store them locally is reduced.</li>
<li><strong>Application compatibility increase</strong>: Applications are deployed in different ways, and sometimes they need to share
  credentials. This can be done using External Secrets as a wire for them at real time.</li>
<li><strong>Automation by default</strong> oh, come on!</li>
</ul>
<h2 id="the-approach">The approach</h2>
<p>FluxCD is composed by several controllers dedicated to manage different custom resources. The most important
ones are <strong>Kustomization</strong> (to clarify, Flux one, not Kubernetes' one) and <strong>HelmRelease</strong> to deploy using the approaches
of the same names.</p>
<p>External Secrets can be deployed using Helm <a href="../../introduction/getting-started/">as explained here</a>. The deployment includes the
CRDs if enabled on the <code>values.yaml</code>, but after this, you need to deploy some <code>SecretStore</code> to start
getting credentials from your secrets manager with External Secrets.</p>
<blockquote>
<p>The idea of this guide is to deploy the whole stack, using flux, needed by developers not to worry about the credentials,
but only about the application and its code.</p>
</blockquote>
<h2 id="the-problem">The problem</h2>
<p>This can sound easy, but External Secrets is deployed using Helm, which is managed by the HelmController,
and your custom resources, for example a <code>ClusterSecretStore</code> and the related <code>Secret</code>, are often deployed using a
<code>kustomization.yaml</code>, which is deployed by the KustomizeController.</p>
<p>Both controllers manage the resources independently, at different moments, with no possibility to wait each other.
This means that we have a wonderful race condition where sometimes the CRs (<code>SecretStore</code>,<code>ClusterSecretStore</code>...) tries
to be deployed before than the CRDs needed to recognize them.</p>
<h2 id="the-solution">The solution</h2>
<p>Let's see the conditions to start working on a solution:</p>
<ul>
<li>The External Secrets operator is deployed with Helm, and admits disabling the CRDs deployment</li>
<li>The race condition only affects the deployment of <code>CustomResourceDefinition</code> and the CRs needed later</li>
<li>CRDs can be deployed directly from the Git repository of the project using a Flux <code>Kustomization</code></li>
<li>Required CRs can be deployed using a Flux <code>Kustomization</code> too, allowing dependency between CRDs and CRs</li>
<li>All previous manifests can be applied with a Kubernetes <code>kustomization</code></li>
</ul>
<h2 id="create-the-main-kustomization">Create the main kustomization</h2>
<p>To have a better view of things needed later, the first manifest to be created is the <code>kustomization.yaml</code></p>
<div class="highlight"><pre><span></span><code><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">kustomize.config.k8s.io/v1beta1</span>
<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Kustomization</span>

<span class="nt">resources</span><span class="p">:</span>
<span class="c1"># Deploy the Vault access secret</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">namespace.yaml</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">secret-token.yaml</span>

<span class="c1"># Deploy the repositories</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">repositories.yaml</span>

<span class="c1"># Deploy the CRDs</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">deployment-crds.yaml</span>

<span class="c1"># Deploy the operator</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">deployment.yaml</span>

<span class="c1"># Deploy default Custom Resources from &#39;crs&#39; directory</span>
<span class="c1"># INFO: This depends on the CRDs deployment. Will happen after it</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">deployment-crs.yaml</span>
</code></pre></div>
<h2 id="create-the-secret">Create the secret</h2>
<p>To access your secret manager, External Secrets needs some credentials. They are stored inside a Secret, which is intended
to be deployed by automation as a good practise. This time, a placeholder called <code>secret-token.yaml</code> is show as an example:</p>
<div class="highlight"><pre><span></span><code><span class="c1"># The namespace.yaml first</span>
<span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">v1</span>
<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Namespace</span>
<span class="nt">metadata</span><span class="p">:</span>
<span class="w">  </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets</span>
</code></pre></div>
<div class="highlight"><pre><span></span><code><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">v1</span>
<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Secret</span>
<span class="nt">metadata</span><span class="p">:</span>
<span class="w">  </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">vault-token-global</span>
<span class="w">  </span><span class="nt">namespace</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets</span>
<span class="nt">stringData</span><span class="p">:</span>
<span class="w">  </span><span class="c1"># This token must be patched by overlays. Not here for security reasons</span>
<span class="w">  </span><span class="nt">token</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">change-me-placeholder</span>
</code></pre></div>
<h2 id="creating-the-references-to-repositories">Creating the references to repositories</h2>
<p>Create a manifest called <code>repositories.yaml</code> to store the references to external repositories for Flux</p>
<div class="highlight"><pre><span></span><code><span class="c1"># Reference to Helm repository</span>
<span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">source.toolkit.fluxcd.io/v1beta1</span>
<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">HelmRepository</span>
<span class="nt">metadata</span><span class="p">:</span>
<span class="w">  </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets</span>
<span class="w">  </span><span class="nt">namespace</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">flux-system</span>
<span class="nt">spec</span><span class="p">:</span>
<span class="w">  </span><span class="nt">interval</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">10m</span>
<span class="w">  </span><span class="nt">url</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">https://charts.external-secrets.io</span>
<span class="nn">---</span>
<span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">source.toolkit.fluxcd.io/v1beta1</span>
<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">GitRepository</span>
<span class="nt">metadata</span><span class="p">:</span>
<span class="w">  </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets</span>
<span class="w">  </span><span class="nt">namespace</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">flux-system</span>
<span class="nt">spec</span><span class="p">:</span>
<span class="w">  </span><span class="nt">interval</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">10m</span>
<span class="w">  </span><span class="nt">ref</span><span class="p">:</span>
<span class="w">    </span><span class="nt">branch</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">main</span>
<span class="w">  </span><span class="nt">url</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">http://github.com/external-secrets/external-secrets</span>
</code></pre></div>
<h2 id="deploy-the-crds">Deploy the CRDs</h2>
<p>As mentioned, CRDs can be deployed using the official Helm package, but to solve the race condition, they will be deployed
from our git repository using a Kustomization manifest called <code>deployment-crds.yaml</code> as follows:</p>
<div class="highlight"><pre><span></span><code><span class="nn">---</span>
<span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">kustomize.toolkit.fluxcd.io/v1beta2</span>
<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Kustomization</span>
<span class="nt">metadata</span><span class="p">:</span>
<span class="w">  </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets-crds</span>
<span class="w">  </span><span class="nt">namespace</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">flux-system</span>
<span class="nt">spec</span><span class="p">:</span>
<span class="w">  </span><span class="nt">interval</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">10m</span>
<span class="w">  </span><span class="nt">path</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">./deploy/crds</span>
<span class="w">  </span><span class="nt">prune</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class="w">  </span><span class="nt">sourceRef</span><span class="p">:</span>
<span class="w">    </span><span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">GitRepository</span>
<span class="w">    </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets</span>
</code></pre></div>
<h2 id="deploy-the-operator">Deploy the operator</h2>
<p>The operator is deployed using a HelmRelease manifest to deploy the Helm package, but due to the special race condition,
the deployment must be disabled in the <code>values</code> of the manifest called <code>deployment.yaml</code>, as follows:</p>
<div class="highlight"><pre><span></span><code><span class="c1"># How to manage values files. Ref: https://fluxcd.io/docs/guides/helmreleases/#refer-to-values-inside-the-chart</span>
<span class="c1"># How to inject values: https://fluxcd.io/docs/guides/helmreleases/#cloud-storage</span>
<span class="nn">---</span>
<span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">helm.toolkit.fluxcd.io/v2beta1</span>
<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">HelmRelease</span>
<span class="nt">metadata</span><span class="p">:</span>
<span class="w">  </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets</span>
<span class="w">  </span><span class="nt">namespace</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">flux-system</span>
<span class="nt">spec</span><span class="p">:</span>
<span class="w">  </span><span class="c1"># Override Release name to avoid the pattern Namespace-Release</span>
<span class="w">  </span><span class="c1"># Ref: https://fluxcd.io/docs/components/helm/api/#helm.toolkit.fluxcd.io/v2beta1.HelmRelease</span>
<span class="w">  </span><span class="nt">releaseName</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets</span>
<span class="w">  </span><span class="nt">targetNamespace</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets</span>
<span class="w">  </span><span class="nt">interval</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">10m</span>
<span class="w">  </span><span class="nt">chart</span><span class="p">:</span>
<span class="w">    </span><span class="nt">spec</span><span class="p">:</span>
<span class="w">      </span><span class="nt">chart</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets</span>
<span class="w">      </span><span class="nt">version</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">0.9.4</span>
<span class="w">      </span><span class="nt">sourceRef</span><span class="p">:</span>
<span class="w">        </span><span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">HelmRepository</span>
<span class="w">        </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets</span>
<span class="w">        </span><span class="nt">namespace</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">flux-system</span>
<span class="w">  </span><span class="nt">values</span><span class="p">:</span>
<span class="w">    </span><span class="nt">installCRDs</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">false</span>

<span class="w">  </span><span class="c1"># Ref: https://fluxcd.io/docs/components/helm/api/#helm.toolkit.fluxcd.io/v2beta1.Install</span>
<span class="w">  </span><span class="nt">install</span><span class="p">:</span>
<span class="w">    </span><span class="nt">createNamespace</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
</code></pre></div>
<h2 id="deploy-the-crs">Deploy the CRs</h2>
<p>Now, be ready for the arcane magic. Create a Kustomization manifest called <code>deployment-crs.yaml</code> with the following content:</p>
<div class="highlight"><pre><span></span><code><span class="nn">---</span>
<span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">kustomize.toolkit.fluxcd.io/v1beta2</span>
<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Kustomization</span>
<span class="nt">metadata</span><span class="p">:</span>
<span class="w">  </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets-crs</span>
<span class="w">  </span><span class="nt">namespace</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">flux-system</span>
<span class="nt">spec</span><span class="p">:</span>
<span class="w">  </span><span class="nt">dependsOn</span><span class="p">:</span>
<span class="w">    </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets-crds</span>
<span class="w">  </span><span class="nt">interval</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">10m</span>
<span class="w">  </span><span class="nt">path</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">./infrastructure/external-secrets/crs</span>
<span class="w">  </span><span class="nt">prune</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class="w">  </span><span class="nt">sourceRef</span><span class="p">:</span>
<span class="w">    </span><span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">GitRepository</span>
<span class="w">    </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">flux-system</span>
</code></pre></div>
<p>There are several interesting details to see here, that finally solves the race condition:</p>
<ol>
<li>First one is the field <code>dependsOn</code>, which points to a previous Kustomization called <code>external-secrets-crds</code>. This
   dependency forces this deployment to wait for the other to be ready, before start being deployed.</li>
<li>The reference to the place where to find the CRs
   <div class="highlight"><pre><span></span><code><span class="nt">path</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">./infrastructure/external-secrets/crs</span>
<span class="nt">sourceRef</span><span class="p">:</span>
<span class="w"> </span><span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">GitRepository</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">flux-system</span>
</code></pre></div>
   Custom Resources will be searched in the relative path <code>./infrastructure/external-secrets/crs</code> of the GitRepository
   called <code>flux-system</code>, which is a reference to the same repository that FluxCD watches to synchronize the cluster.
   With fewer words, a reference to itself, but going to another directory called <code>crs</code></li>
</ol>
<p>Of course, allocate inside the mentioned path <code>./infrastructure/external-secrets/crs</code>, all the desired CRs to be deployed,
for example, a manifest <code>clusterSecretStore.yaml</code> to reach your Hashicorp Vault as follows:</p>
<div class="highlight"><pre><span></span><code><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets.io/v1beta1</span>
<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ClusterSecretStore</span>
<span class="nt">metadata</span><span class="p">:</span>
<span class="w">  </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">vault-backend-global</span>
<span class="nt">spec</span><span class="p">:</span>
<span class="w">  </span><span class="nt">provider</span><span class="p">:</span>
<span class="w">    </span><span class="nt">vault</span><span class="p">:</span>
<span class="w">      </span><span class="nt">server</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;https://vault.your-domain.com&quot;</span>
<span class="w">      </span><span class="nt">path</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">secret</span>
<span class="w">      </span><span class="nt">version</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">v2</span>
<span class="w">      </span><span class="nt">auth</span><span class="p">:</span>
<span class="w">        </span><span class="c1"># points to a secret that contains a vault token</span>
<span class="w">        </span><span class="c1"># https://www.vaultproject.io/docs/auth/token</span>
<span class="w">        </span><span class="nt">tokenSecretRef</span><span class="p">:</span>
<span class="w">          </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;vault-token-global&quot;</span>
<span class="w">          </span><span class="nt">key</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;token&quot;</span>
<span class="w">          </span><span class="nt">namespace</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets</span>
</code></pre></div>
<h2 id="results">Results</h2>
<p>At the end, the required files tree is shown in the following picture:</p>
<p><img alt="FluxCD files tree" src="../../pictures/screenshot_gitops_final_directory_tree.png" /></p>









  




                
              </article>
            </div>
          
          
<script>var target=document.getElementById(location.hash.slice(1));target&&target.name&&(target.checked=target.name.startsWith("__tabbed_"))</script>
        </div>
        
      </main>
      
        <footer class="md-footer">
  
  <div class="md-footer-meta md-typeset">
    <div class="md-footer-meta__inner md-grid">
      <div class="md-copyright">
  
    <div class="md-copyright__highlight">
      &copy; 2024 The external-secrets Authors.<br/>
&copy; 2024 The Linux Foundation. All rights reserved.<br/><br/>
The Linux Foundation has registered trademarks and uses trademarks.<br/>
For a list of trademarks of The Linux Foundation, please see our <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage page</a>.

    </div>
  
  
    Made with
    <a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
      Material for MkDocs
    </a>
  
</div>
      
    </div>
  </div>
</footer>
      
    </div>
    <div class="md-dialog" data-md-component="dialog">
      <div class="md-dialog__inner md-typeset"></div>
    </div>
    
    
    <script id="__config" type="application/json">{"base": "../..", "features": ["navigation.tabs", "navigation.indexes", "navigation.expand"], "search": "../../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}, "version": {"provider": "mike"}}</script>
    
    
      <script src="../../assets/javascripts/bundle.af256bd8.min.js"></script>
      
    
  </body>
</html>