Untitled

 avatar
cion
plain_text
10 days ago
1.1 kB
2
Indexable
Never
#HELM VALUES
projectId: $GCP_CLUSTER_PROJECT
lzf_projectId: lzf-dbc-dev-109137-7-001-0f0b
ksaName: "api-bff-pulse-portal"
gsaName: "api-bff-pulse-portal"
secrets:
  storeName: "pulse-portal-backend-secret-store"
  externalSecretName: "pulse-portal-backend-external-secret"
  k8sSecretName: "pulse-portal-backend-secrets"
  db:
    gsmSecretName: "ODS_OWNER_PASSWORD"
    k8sSecretKey: "odsOwnerPassword"


-------
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: "{{ .Values.secrets.db.externalSecretName }}"
  namespace: "{{.Values.namespace}}"
spec:
  refreshInterval: 1h # rate SecretManager pulls GCPSM
  secretStoreRef:
    kind: SecretStore
    name: "{{ .Values.secrets.storeName }}" # name of the SecretStore (or kind specified)
  target:
    name: "{{ .Values.secrets.db.k8sSecretName }}" # name of the k8s Secret to be created
    creationPolicy: Owner
  data:
    - secretKey: "{{ .Values.secrets.db.k8sSecretKey }}" # key name that will be stored in the Kubernetes secret
      remoteRef:
        key: "{{ .Values.secrets.db.gsmSecretName }}" # name of the GCPSM secret
Leave a Comment