chore(k8s-peterg): Switch to Vault secretstore

2026-01-27 16:15:13 +01:00 · 2026-01-27 16:15:13 +01:00 · 229739f938
commit 229739f938
parent 10b1c1efd0
6 changed files with 56 additions and 21 deletions
--- a/k8s-peterg/argocd/oidc.yaml
+++ b/k8s-peterg/argocd/oidc.yaml
@ -6,11 +6,10 @@ metadata:
  namespace: argocd
 spec:
  secretStoreRef:
+    name: vault-wheatley
    kind: ClusterSecretStore
-    name: 1password-wheatley
  target:
    name: argocd-authentik-provider
-    creationPolicy: Owner
    template:
      metadata:
        labels:
@ -18,10 +17,13 @@ spec:
  data:
    - secretKey: dex.authentik.issuer
      remoteRef:
-        key: authentik-argocd-provider/issuer
+        key: secrets/managed/argocd/authentik-oidc-credentials
+        property: issuer
    - secretKey: dex.authentik.clientID
      remoteRef:
-        key: authentik-argocd-provider/client_id
+        key: secrets/managed/argocd/authentik-oidc-credentials
+        property: clientID
    - secretKey: dex.authentik.clientSecret
      remoteRef:
-        key: authentik-argocd-provider/client_secret
+        key: secrets/managed/argocd/authentik-oidc-credentials
+        property: clientSecret