apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: prod-kubeconfig
spec:
  secretStoreRef:
    name: vault
    kind: ClusterSecretStore
  target:
    name: prod-kubeconfig
  data:
    - secretKey: kubeconfig
      remoteRef:
        key: kv/argocd/prd
        property: kubeconfig

---
#apiVersion: cluster.argocd.crossplane.io/v1alpha1
#kind: Cluster
#metadata:
#  name: prd-cluster
#  labels:
#    purpose: prd
#spec:
#  forProvider:
#    name: prd-cluster
#    config:
#      kubeconfigSecretRef:
#        name: prod-kubeconfig
#        key: kubeconfig
#        namespace: argocd
#  providerConfigRef:
#    name: argocd-provider
#    namespace: argocd

---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: argocd-crossplane-secret
spec:
  secretStoreRef:
    name: vault
    kind: ClusterSecretStore
  target:
    name: argocd-crossplane-secret
  data:
    - secretKey: authToken
      remoteRef:
        key: kv/argocd/provider-argocd
        property: token

---
apiVersion: argocd.crossplane.io/v1alpha1
kind: ProviderConfig
metadata:
  name: argocd-provider
spec:
  serverAddr: argocd-server.argocd.svc:443
  insecure: true
  plainText: false
  credentials:
    source: Secret
    secretRef:
      namespace: argocd
      name: argocd-crossplane-secret
      key: authToken