applicationsets/cluster-secretstores-appset.yaml

@@ -1,31 +1,31 @@
-# apiVersion: argoproj.io/v1alpha1
+apiVersion: argoproj.io/v1alpha1
-# kind: ApplicationSet
+kind: ApplicationSet
-# metadata:
+metadata:
-#   name: cluster-secretstores
+  name: cluster-secretstores
-#   namespace: argocd
+  namespace: argocd
-# spec:
+spec:
-#   generators:
+  generators:
-#   - git:
+    - git:
-#       repoURL: https://git.dvirlabs.com/dvirlabs/secrets-gitops.git
+        repoURL: https://git.dvirlabs.com/dvirlabs/secrets-gitops.git
-#       revision: master
+        revision: master
-#       files:
+        files:
-#         - path: cluster-secretstores/*.yaml
+          - path: cluster-secretstores/*.yaml
-#   template:
+  template:
-#     metadata:
+    metadata:
-#       name: cluster-secretstore-{{path.filename}}  # <-- FIXED
+      name: cluster-secretstore-{{path.basename}}
-#     spec:
+    spec:
-#       project: dev-tools
+      project: dev-tools
-#       source:
+      source:
-#         repoURL: https://git.dvirlabs.com/dvirlabs/secrets-gitops.git
+        repoURL: https://git.dvirlabs.com/dvirlabs/secrets-gitops.git
-#         targetRevision: master
+        targetRevision: master
-#         path: cluster-secretstores
+        path: cluster-secretstores
-#         directory:
+        directory:
-#           recurse: false
+          recurse: false
-#           include: '{{path.filename}}'
+          include: '{{path.basename}}.yaml'
-#       destination:
+      destination:
-#         server: https://kubernetes.default.svc
+        server: https://kubernetes.default.svc
-#         namespace: dev-tools
+        namespace: monitoring
-#       syncPolicy:
+      syncPolicy:
-#         automated:
+        automated:
-#           prune: true
+          prune: true
-#           selfHeal: true
+          selfHeal: true

cluster-secretstores/vault-general-secrets.yaml

@@ -1,15 +0,0 @@
-apiVersion: external-secrets.io/v1beta1
-kind: ClusterSecretStore
-metadata:
-  name: vault-general-secrets
-spec:
-  provider:
-    vault:
-      server: "http://vault.dev-tools.svc.cluster.local:8200"
-      path: "general-secrets"
-      version: "v2"
-      auth:
-        tokenSecretRef:
-          name: vault-eso-token
-          key: token
-          namespace: dev-tools

cluster-secretstores/vault-internal-users.yaml

@@ -1,15 +0,0 @@
-apiVersion: external-secrets.io/v1beta1
-kind: ClusterSecretStore
-metadata:
-  name: vault-internal-users
-spec:
-  provider:
-    vault:
-      server: "http://vault.dev-tools.svc.cluster.local:8200"
-      path: "internal-users"
-      version: "v2"
-      auth:
-        tokenSecretRef:
-          name: vault-eso-token
-          key: token
-          namespace: dev-tools

cluster-secretstores/vault-oidc-clients.yaml

@@ -6,10 +6,10 @@ spec:
   provider:
     vault:
       server: "http://vault.dev-tools.svc.cluster.local:8200"
-      path: "oidc-clients"
+      path: "oidc-cliets"
       version: "v2"
       auth:
         tokenSecretRef:
-          name: vault-eso-token
+          name: vault-init
-          key: token
+          key: root-token
           namespace: dev-tools