From 0b622166b3329ec5d6a270dc2157f3fd674d56b6 Mon Sep 17 00:00:00 2001 From: dvirlabs <114520947+dvirlabs@users.noreply.github.com> Date: Tue, 20 May 2025 14:10:50 +0300 Subject: [PATCH] Create app external-secrets-config --- argocd-apps/external-secrets-config.yaml | 20 ++++++++++ .../external-secrets/clustersecretstore.yaml | 15 +++++++ manifests/external-secrets/values.yaml | 40 ++++++++++++------- 3 files changed, 60 insertions(+), 15 deletions(-) create mode 100644 argocd-apps/external-secrets-config.yaml create mode 100644 manifests/external-secrets/clustersecretstore.yaml
diff --git a/argocd-apps/external-secrets-config.yaml b/argocd-apps/external-secrets-config.yaml
new file mode 100644
index 0000000..9d8b9c4
--- /dev/null
+++ b/argocd-apps/external-secrets-config.yaml
@@ -0,0 +1,20 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: external-secrets-config
+ namespace: argocd
+spec:
+ project: dev-tools
+ source:
+ repoURL: https://git.dvirlabs.com/dvirlabs/dev-tools.git
+ targetRevision: master
+ path: manifests/external-secrets
+ directory:
+ recurse: true
+ destination:
+ server: https://kubernetes.default.svc
+ namespace: external-secrets
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
diff --git a/manifests/external-secrets/clustersecretstore.yaml b/manifests/external-secrets/clustersecretstore.yaml
new file mode 100644
index 0000000..c73d977
--- /dev/null
+++ b/manifests/external-secrets/clustersecretstore.yaml
@@ -0,0 +1,15 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ClusterSecretStore
+metadata:
+ name: vault-backend
+spec:
+ provider:
+ vault:
+ server: "http://vault.dev-tools.svc.cluster.local:8200"
+ path: "secret"
+ version: "v2"
+ auth:
+ tokenSecretRef:
+ name: vault-init
+ key: root-token
+ namespace: dev-tools
\ No newline at end of file
diff --git a/manifests/external-secrets/values.yaml b/manifests/external-secrets/values.yaml
index c73d977..f3c16f0 100644
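Review bot: In `argocd-apps/external-secrets-config.yaml`, `targetRevision: master` combined with `syncPolicy.automated` (`prune: true`, `selfHeal: true`) applies every push to that branch to the cluster with no review gate, and the synced path holds a cluster-scoped ClusterSecretStore. Consider pinning to a reviewed ref, e.g. `targetRevision: <release-tag-or-commit-sha>` (placeholder), or add a comment stating that `master` is a protected branch. Separately, `directory.recurse: true` over `manifests/external-secrets` also walks `values.yaml`, which this same commit turns into Helm values rather than a manifest. Adding `include: 'clustersecretstore.yaml'` under `directory:` would keep the sync scoped to the intended file.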
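Review bot: In `manifests/external-secrets/clustersecretstore.yaml`, `tokenSecretRef` points at `key: root-token` in the `vault-init` secret, so External Secrets appears to run with Vault's root token rather than a scoped one. Because this is a ClusterSecretStore with no `conditions`, an ExternalSecret in any namespace can read through it with that privilege. The `server` value is also plain `http://`, so the token and secret payloads cross the cluster network unencrypted. I would move to Kubernetes auth bound to a read-only policy on the `secret` mount, use TLS to Vault, and restrict which namespaces may reference the store. The sketch below shows the shape, and every bracketed value is a placeholder.

```yaml
spec:
  # limit which namespaces may reference this cluster-wide store
  conditions:
    - namespaces:
        - "<allowed-namespace>"  # placeholder
  provider:
    vault:
      server: "https://vault.dev-tools.svc.cluster.local:8200"
      # ... unchanged: path, version ...
      caProvider:
        type: ConfigMap
        name: "<vault-ca-configmap>"  # placeholder
        key: "<ca-key>"  # placeholder
        namespace: dev-tools
      auth:
        kubernetes:
          mountPath: "kubernetes"
          role: "<read-only-role>"  # placeholder
          serviceAccountRef:
            name: "<eso-service-account>"  # placeholder
            namespace: "<eso-namespace>"  # placeholder
```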
--- a/manifests/external-secrets/values.yaml
+++ b/manifests/external-secrets/values.yaml
@@ -1,15 +1,25 @@
-apiVersion: external-secrets.io/v1beta1
-kind: ClusterSecretStore
-metadata:
- name: vault-backend
-spec:
- provider:
- vault:
- server: "http://vault.dev-tools.svc.cluster.local:8200"
- path: "secret"
- version: "v2"
- auth:
- tokenSecretRef:
- name: vault-init
- key: root-token
- namespace: dev-tools
\ No newline at end of file
+installCRDs: true
+
+image:
+ repository: ghcr.io/external-secrets/external-secrets
+ tag: v0.9.19
+ pullPolicy: IfNotPresent
+ flavour: default
+
+webhook:
+ enabled: true
+ image:
+ repository: ghcr.io/external-secrets/external-secrets
+ tag: v0.9.19
+ flavour: webhook
+
+certController:
+ enabled: true
+ image:
+ repository: ghcr.io/external-secrets/external-secrets
+ tag: v0.9.19
+ flavour: cert-controller
+ certs:
+ duration: 8760h
+ renewBefore: 720h
+ selfSigned: true
\ No newline at end of file
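Review bot: The three `flavour` values in `manifests/external-secrets/values.yaml` (`default`, `webhook`, `cert-controller`) look like component names, but in the upstream external-secrets chart `image.flavour` is, as far as I know, a tag suffix for alternative image builds. If so, they would render tags such as `v0.9.19-webhook` that may not exist, so confirm with `helm template` and drop the `flavour` lines if that is the case. I also cannot confirm from this diff that the chart reads `certController.certs` (`duration`, `renewBefore`, `selfSigned`); if it does not, those settings are silently ignored. The images are pinned by tag only, and a digest pin would make the controller that holds the Vault credentials immutable across re-pulls.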