58 lines
1.3 KiB
YAML
58 lines
1.3 KiB
YAML
apiVersion: external-secrets.io/v1beta1
|
|
kind: ExternalSecret
|
|
metadata:
|
|
name: vault-grafana-oauth
|
|
spec:
|
|
secretStoreRef:
|
|
name: vault-kube-prometheus
|
|
kind: SecretStore
|
|
target:
|
|
name: grafana-oauth
|
|
data:
|
|
- secretKey: GF_AUTH_GENERIC_OAUTH_CLIENT_ID
|
|
remoteRef:
|
|
key: kube-prometheus/grafana/oauth
|
|
property: GF_AUTH_GENERIC_OAUTH_CLIENT_ID
|
|
- secretKey: GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET
|
|
remoteRef:
|
|
key: kube-prometheus/grafana/oauth
|
|
property: GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET
|
|
|
|
---
|
|
|
|
apiVersion: external-secrets.io/v1beta1
|
|
kind: ExternalSecret
|
|
metadata:
|
|
name: vault-admin-credentials
|
|
spec:
|
|
secretStoreRef:
|
|
name: vault-kube-prometheus
|
|
kind: SecretStore
|
|
target:
|
|
name: grafana-admin-credentials
|
|
data:
|
|
- secretKey: admin-password
|
|
remoteRef:
|
|
key: kube-prometheus/grafana/admin
|
|
property: admin-password
|
|
- secretKey: admin-user
|
|
remoteRef:
|
|
key: kube-prometheus/grafana/admin
|
|
property: admin-user
|
|
|
|
---
|
|
|
|
apiVersion: external-secrets.io/v1beta1
|
|
kind: SecretStore
|
|
metadata:
|
|
name: vault-kube-prometheus
|
|
spec:
|
|
provider:
|
|
vault:
|
|
server: "http://vault.vault.svc.cluster.local:8200"
|
|
path: "kube-prometheus"
|
|
version: "v2"
|
|
auth:
|
|
kubernetes:
|
|
mountPath: "kubernetes"
|
|
role: "external-secrets" |