apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
  name: provider-gitlab
spec:
  package: xpkg.upbound.io/crossplane-contrib/provider-gitlab:v0.5.0
---

apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: gitlab-secret
spec:
  secretStoreRef:
    name: vault
    kind: ClusterSecretStore
  target:
    name: gitlab-secret
  data:
  - secretKey: accesstoken
    remoteRef:
      key: secrets/gitlab/token
      property: accesstoken

---

apiVersion: gitlab.crossplane.io/v1beta1
kind: ProviderConfig
metadata:
  name: gitlab-provider
spec:
  baseURL: https://gitlab.com/
  credentials:
    source: Secret
    secretRef:
      namespace: crossplane
      name: gitlab-secret
      key: accesstoken

---

apiVersion: projects.gitlab.crossplane.io/v1alpha1
kind: Project
metadata:
  name: example-project
spec:
  forProvider:
    # If not set, metadata.name will be used instead.
    name: "Example Project"
    description: "example project description"
  providerConfigRef:
    name: gitlab-provider
  # a reference to a Kubernetes secret to which the controller will write the runnersToken
  writeConnectionSecretToRef:
    name: gitlab-project-example-project
    namespace: crossplane