apiVersion: v1 data: license: J3t9Jw== kind: Secret metadata: creationTimestamp: null name: kong-enterprise-license namespace: kong --- apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret metadata: name: kong-cluster-cert spec: secretStoreRef: name: vault-kong kind: SecretStore target: name: kong-cluster-cert data: - secretKey: tls.crt remoteRef: key: secrets/kong/tls property: cert - secretKey: tls.key remoteRef: key: secrets/kong/tls property: key #--- # #apiVersion: external-secrets.io/v1beta1 #kind: ExternalSecret #metadata: # name: kong-config-secret #spec: # secretStoreRef: # name: vault-kong # kind: SecretStore # target: # name: kong-config-secret # data: # - secretKey: admin_gui_session_conf # remoteRef: # key: secrets/kong/config # property: admin_gui_session_conf # - secretKey: kong_admin_password # remoteRef: # key: secrets/kong/config # property: kong_admin_password # - secretKey: password # remoteRef: # key: secrets/kong/postgres # property: password # - secretKey: pg_host # remoteRef: # key: secrets/kong/config # property: pg_host # - secretKey: portal_session_conf # remoteRef: # key: secrets/kong/config # property: portal_session_conf # --- apiVersion: external-secrets.io/v1beta1 kind: SecretStore metadata: name: vault-kong spec: provider: vault: server: "http://vault.vault.svc.cluster.local:8200" path: "secrets" version: "v2" auth: kubernetes: mountPath: "kubernetes" role: "external-secrets" --- apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret metadata: name: kong-postgresql spec: secretStoreRef: name: vault-kong kind: SecretStore target: name: kong-postgresql data: - secretKey: postgres-username remoteRef: key: secrets/kong/postgres property: username - secretKey: postgres-password remoteRef: key: secrets/kong/postgres property: password - secretKey: postgres-database remoteRef: key: secrets/kong/postgres property: database - secretKey: password remoteRef: key: secrets/kong/postgres property: password