From e9798269e57e829bd666ac86f948afbf45213e6e Mon Sep 17 00:00:00 2001
From: dvirlabs
Date: Thu, 22 May 2025 21:12:53 +0300
Subject: [PATCH] init commit
---
.../cluster-secretstores-appset.yaml | 30 +++++++++++++++++++
cluster-secretstores/vault-oidc-clients.yaml | 15 ++++++++++
2 files changed, 45 insertions(+)
create mode 100644 applicationsets/cluster-secretstores-appset.yaml
create mode 100644 cluster-secretstores/vault-oidc-clients.yaml
diff --git a/applicationsets/cluster-secretstores-appset.yaml b/applicationsets/cluster-secretstores-appset.yaml
new file mode 100644
index 0000000..7e2f8d4
--- /dev/null
+++ b/applicationsets/cluster-secretstores-appset.yaml
@@ -0,0 +1,30 @@
+apiVersion: argoproj.io/v1alpha1
+kind: ApplicationSet
+metadata:
+ name: cluster-secretstores-appset.yaml
+ namespace: argocd
+spec:
+ generators:
+ - git:
+ repoURL: https://git.dvirlabs.com/dvirlabs/secrets-gitops.git
+ revision: master
+ directories:
+ - path: external-secrets/*
+ template:
+ metadata:
+ name: external-secret-{{path.basename}}
+ spec:
+ project: operators
+ source:
+ repoURL: https://git.dvirlabs.com/dvirlabs/secrets-gitops.git
+ targetRevision: master
+ path: '{{path}}'
+ directory:
+ recurse: true
+ destination:
+ server: https://kubernetes.default.svc
+ namespace: monitoring
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
diff --git a/cluster-secretstores/vault-oidc-clients.yaml b/cluster-secretstores/vault-oidc-clients.yaml
new file mode 100644
index 0000000..4a04328
--- /dev/null
+++ b/cluster-secretstores/vault-oidc-clients.yaml
@@ -0,0 +1,15 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ClusterSecretStore
+metadata:
+ name: vault-oidc-clients
+spec:
+ provider:
+ vault:
+ server: "http://vault.dev-tools.svc.cluster.local:8200"
+ path: "oidc-cliets"
+ version: "v2"
+ auth:
+ tokenSecretRef:
+ name: vault-init
+ key: root-token
+ namespace: dev-tools
\ No newline at end of file
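Review bot: The generator path `external-secrets/*`, the generated name `external-secret-{{path.basename}}` and the destination namespace `monitoring` do not match what this ApplicationSet is named for, and if this commit lives in `secrets-gitops` the `cluster-secretstores/` directory it adds would not be picked up. If the intent is to deploy the ClusterSecretStore manifests, `- path: cluster-secretstores/*` with `name: cluster-secretstore-{{path.basename}}` looks like what was meant; the repository layout is not visible here, so confirm against it. `metadata.name` also carries the file extension (`cluster-secretstores-appset.yaml`), which reads like a paste of the filename; `name: cluster-secretstores-appset` would be the conventional form. Because `automated` sync with `prune` and `selfHeal` follows the mutable `master` branch, a comment above `syncPolicy` stating that push access to that branch is effectively write access to the cluster's secret-store configuration would help the next reviewer.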
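Review bot: The `auth.tokenSecretRef` at the end of `vault-oidc-clients.yaml` points at `vault-init`/`root-token`, so External Secrets would authenticate to Vault with the root token, and since this is a ClusterSecretStore with no `conditions`, any namespace allowed to create an ExternalSecret can reference it. A scoped identity is the safer design: Kubernetes auth with a role bound to a read-only policy for this one mount, as sketched below with placeholder names, plus `conditions` limiting which namespaces may use the store. `server` is plain `http://`, so the token and the secrets it fetches cross the cluster network unencrypted; if Vault serves TLS, switch to `https://` and supply `caBundle` or `caProvider`. `path: "oidc-cliets"` looks like a typo for `oidc-clients` given the store name, so confirm it against the actual mount name.

```yaml
# … unchanged: apiVersion, kind, metadata, server / path / version …
      auth:
        kubernetes:
          mountPath: "<VAULT_K8S_AUTH_MOUNT>"   # placeholder: Vault Kubernetes auth mount
          role: "<READ_ONLY_ROLE>"              # placeholder: role bound to a read-only policy on this mount
          serviceAccountRef:
            name: "<ESO_SERVICE_ACCOUNT>"       # placeholder
            namespace: "<ESO_NAMESPACE>"        # placeholder
```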