From 3ae9b9de5aa5da002b413acb0590a027ecfb37eb Mon Sep 17 00:00:00 2001 From: pgijsbertsen <117165507+pgijsbertsen@users.noreply.github.com> Date: Sun, 14 Dec 2025 14:07:51 +0100 Subject: [PATCH] chore(eso): Move ExternalSecretsOperator configuration to kustomize-bases --- .../kustomization.yaml | 10 +----- .../clustersecrets.yaml | 34 +++++++++++++++++++ .../kustomization.yaml | 7 ++++ .../kustomization.yaml | 14 ++++++++ .../external-secrets-operator/namespace.yaml | 0 .../secretstore.yaml | 0 6 files changed, 56 insertions(+), 9 deletions(-) create mode 100644 k8s-wheatley/external-secrets-operator/clustersecrets.yaml create mode 100644 k8s-wheatley/external-secrets-operator/kustomization.yaml create mode 100644 kustomize-bases/external-secrets-operator/kustomization.yaml rename {k8s-peterg => kustomize-bases}/external-secrets-operator/namespace.yaml (100%) rename {k8s-peterg => kustomize-bases}/external-secrets-operator/secretstore.yaml (100%) diff --git a/k8s-peterg/external-secrets-operator/kustomization.yaml b/k8s-peterg/external-secrets-operator/kustomization.yaml index 0604d96..16d5852 100644 --- a/k8s-peterg/external-secrets-operator/kustomization.yaml +++ b/k8s-peterg/external-secrets-operator/kustomization.yaml @@ -3,13 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - namespace.yaml - - secretstore.yaml + - ../../kustomize-bases/external-secrets-operator - clustersecrets.yaml - -helmCharts: - - name: external-secrets - repo: https://charts.external-secrets.io - namespace: external-secrets - releaseName: external-secrets - version: 1.0.0 diff --git a/k8s-wheatley/external-secrets-operator/clustersecrets.yaml b/k8s-wheatley/external-secrets-operator/clustersecrets.yaml new file mode 100644 index 0000000..74fa2eb --- /dev/null +++ b/k8s-wheatley/external-secrets-operator/clustersecrets.yaml @@ -0,0 +1,34 @@ +--- +apiVersion: external-secrets.io/v1 +kind: ClusterExternalSecret +metadata: + name: tls-wildcard-wheatley-in +spec: + externalSecretName: tls-wildcard-wheatley-in + namespaceSelectors: + - matchLabels: + kubernetes.io/metadata.name: kube-system + externalSecretSpec: + secretStoreRef: + name: 1password-wheatley + kind: ClusterSecretStore + target: + name: tls-wildcard-wheatley-in + template: + type: kubernetes.io/tls + data: + tls.crt: "{{ .crt }}" + tls.key: "{{ .key }}" + data: + - secretKey: key + remoteRef: + key: tls-wildcard-wheatley-in/key + metadataPolicy: None + conversionStrategy: Default + decodingStrategy: None + - secretKey: crt + remoteRef: + key: tls-wildcard-wheatley-in/crt + metadataPolicy: None + conversionStrategy: Default + decodingStrategy: None diff --git a/k8s-wheatley/external-secrets-operator/kustomization.yaml b/k8s-wheatley/external-secrets-operator/kustomization.yaml new file mode 100644 index 0000000..16d5852 --- /dev/null +++ b/k8s-wheatley/external-secrets-operator/kustomization.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - ../../kustomize-bases/external-secrets-operator + - clustersecrets.yaml diff --git a/kustomize-bases/external-secrets-operator/kustomization.yaml b/kustomize-bases/external-secrets-operator/kustomization.yaml new file mode 100644 index 0000000..9dc89ef --- /dev/null +++ b/kustomize-bases/external-secrets-operator/kustomization.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - namespace.yaml + - secretstore.yaml + +helmCharts: + - name: external-secrets + repo: https://charts.external-secrets.io + namespace: external-secrets + releaseName: external-secrets + version: 1.0.0 diff --git a/k8s-peterg/external-secrets-operator/namespace.yaml b/kustomize-bases/external-secrets-operator/namespace.yaml similarity index 100% rename from k8s-peterg/external-secrets-operator/namespace.yaml rename to kustomize-bases/external-secrets-operator/namespace.yaml diff --git a/k8s-peterg/external-secrets-operator/secretstore.yaml b/kustomize-bases/external-secrets-operator/secretstore.yaml similarity index 100% rename from k8s-peterg/external-secrets-operator/secretstore.yaml rename to kustomize-bases/external-secrets-operator/secretstore.yaml