32 lines
797 B
YAML
32 lines
797 B
YAML
apiVersion: external-secrets.io/v1beta1
|
|
kind: ClusterExternalSecret
|
|
metadata:
|
|
name: registry-credentials
|
|
spec:
|
|
externalSecretName: "registry-credentials"
|
|
refreshTime: "1h"
|
|
namespaceSelector:
|
|
matchExpressions:
|
|
- key: kubernetes.io/metadata.name
|
|
operator: In
|
|
values:
|
|
- system
|
|
- flux-system
|
|
- namespace1
|
|
externalSecretSpec:
|
|
secretStoreRef:
|
|
name: vault-secret-store
|
|
kind: ClusterSecretStore
|
|
refreshInterval: "1h"
|
|
target:
|
|
name: registry-credentials
|
|
deletionPolicy: Retain
|
|
template:
|
|
type: kubernetes.io/dockerconfigjson
|
|
data:
|
|
.dockerconfigjson: "{{ .auths }}"
|
|
data:
|
|
- secretKey: auths
|
|
remoteRef:
|
|
key: kubernetes-secrets/registry-credentials
|