init commit

applicationsets/cluster-secretstores-appset.yaml

@@ -0,0 +1,30 @@
+apiVersion: argoproj.io/v1alpha1
+kind: ApplicationSet
+metadata:
+  name: cluster-secretstores-appset.yaml
+  namespace: argocd
+spec:
+  generators:
+    - git:
+        repoURL: https://git.dvirlabs.com/dvirlabs/secrets-gitops.git
+        revision: master
+        directories:
+          - path: external-secrets/*
+  template:
+    metadata:
+      name: external-secret-{{path.basename}}
+    spec:
+      project: operators
+      source:
+        repoURL: https://git.dvirlabs.com/dvirlabs/secrets-gitops.git
+        targetRevision: master
+        path: '{{path}}'
+        directory:
+          recurse: true
+      destination:
+        server: https://kubernetes.default.svc
+        namespace: monitoring
+      syncPolicy:
+        automated:
+          prune: true
+          selfHeal: true

cluster-secretstores/vault-oidc-clients.yaml

@@ -0,0 +1,15 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ClusterSecretStore
+metadata:
+  name: vault-oidc-clients
+spec:
+  provider:
+    vault:
+      server: "http://vault.dev-tools.svc.cluster.local:8200"
+      path: "oidc-cliets"
+      version: "v2"
+      auth:
+        tokenSecretRef:
+          name: vault-init
+          key: root-token
+          namespace: dev-tools