36 lines
749 B
YAML
36 lines
749 B
YAML
apiVersion: external-secrets.io/v1beta1
|
|
kind: ClusterSecretStore
|
|
metadata:
|
|
name: vault
|
|
spec:
|
|
provider:
|
|
vault:
|
|
server: "https://vault.vault.svc.cluster.local:8200"
|
|
path: "secrets"
|
|
version: "v2"
|
|
auth:
|
|
kubernetes:
|
|
mountPath: "kubernetes"
|
|
role: "VaultSecretStore"
|
|
serviceAccountRef:
|
|
name: "vault"
|
|
|
|
---
|
|
|
|
apiVersion: external-secrets.io/v1beta1
|
|
kind: ExternalSecret
|
|
metadata:
|
|
name: cloudflare-api-token-secret
|
|
spec:
|
|
secretStoreRef:
|
|
name: vault
|
|
kind: ClusterSecretStore
|
|
target:
|
|
name: cloudflare-api-token-secret
|
|
data:
|
|
- secretKey: cloudflare-api-token-secret
|
|
remoteRef:
|
|
key: secrets/cert-manager
|
|
property: cloudflare-api-token-secret
|
|
|