28 lines
703 B
YAML
28 lines
703 B
YAML
apiVersion: external-secrets.io/v1beta1
|
|
kind: ExternalSecret
|
|
metadata:
|
|
name: argocd-oidc-secret-source
|
|
namespace: argocd
|
|
spec:
|
|
refreshInterval: 1m
|
|
secretStoreRef:
|
|
name: vault-backend
|
|
kind: ClusterSecretStore
|
|
target:
|
|
name: argocd-oidc-secret
|
|
template:
|
|
engineVersion: v2
|
|
data:
|
|
# ArgoCD erwartet diese Keys für OIDC Config
|
|
oidc.authentik.clientId: "{{ .client_id }}"
|
|
oidc.authentik.clientSecret: "{{ .client_secret }}"
|
|
data:
|
|
- secretKey: client_id
|
|
remoteRef:
|
|
key: secret/apps/argocd
|
|
property: client_id
|
|
- secretKey: client_secret
|
|
remoteRef:
|
|
key: secret/apps/argocd
|
|
property: client_secret
|