38 lines
1.1 KiB
YAML
38 lines
1.1 KiB
YAML
apiVersion: external-secrets.io/v1
|
|
kind: ExternalSecret
|
|
metadata:
|
|
name: airbyte-minio-external-secret
|
|
namespace: {{ .Env.AIRBYTE_NAMESPACE }}
|
|
spec:
|
|
refreshInterval: 1h
|
|
secretStoreRef:
|
|
name: vault-secret-store
|
|
kind: ClusterSecretStore
|
|
target:
|
|
# Target: airbyte-airbyte-secrets is managed by Helm's pre-install hook
|
|
# We use creationPolicy: Merge to add MinIO credentials to the existing secret
|
|
# Note: This may need re-sync after Helm reinstalls due to timing issues
|
|
name: airbyte-airbyte-secrets
|
|
creationPolicy: Merge
|
|
template:
|
|
type: Opaque
|
|
data:
|
|
access_key: "{{ `{{ .access_key }}` }}"
|
|
secret_key: "{{ `{{ .secret_key }}` }}"
|
|
data:
|
|
- secretKey: access_key
|
|
remoteRef:
|
|
key: airbyte/minio
|
|
property: access_key
|
|
- secretKey: secret_key
|
|
remoteRef:
|
|
key: airbyte/minio
|
|
property: secret_key
|
|
- secretKey: bucket
|
|
remoteRef:
|
|
key: airbyte/minio
|
|
property: bucket
|
|
- secretKey: endpoint
|
|
remoteRef:
|
|
key: airbyte/minio
|
|
property: endpoint |