From 59d9dc85ce237780ce04d30c3ecd0b5b1d5bcedf Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Thu, 11 Dec 2025 16:38:29 -0600 Subject: [PATCH] add secret --- .../directus/templates/external-secret.yaml | 97 +++++++++++++------ 1 file changed, 67 insertions(+), 30 deletions(-) diff --git a/clusters/cl01tl/helm/directus/templates/external-secret.yaml b/clusters/cl01tl/helm/directus/templates/external-secret.yaml index a225e81e2..f19a12d83 100644 --- a/clusters/cl01tl/helm/directus/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/directus/templates/external-secret.yaml @@ -177,36 +177,6 @@ spec: metadataPolicy: None property: secret ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: directus-postgresql-17-cluster-backup-secret-weekly - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: directus-postgresql-17-cluster-backup-secret-weekly - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_KEY_ID - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_SECRET_KEY - --- apiVersion: external-secrets.io/v1 kind: ExternalSecret @@ -243,3 +213,70 @@ spec: key: /garage/home-infra/postgres-backups metadataPolicy: None property: ACCESS_REGION + +--- +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: directus-postgresql-18-cluster-backup-secret + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: directus-postgresql-18-cluster-backup-secret + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + data: + - secretKey: ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /digital-ocean/home-infra/postgres-backups + metadataPolicy: None + property: access + - secretKey: ACCESS_SECRET_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /digital-ocean/home-infra/postgres-backups + metadataPolicy: None + property: secret + +--- +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: directus-postgresql-18-cluster-backup-secret-garage + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: directus-postgresql-18-cluster-backup-secret-garage + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + data: + - secretKey: ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/postgres-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: ACCESS_SECRET_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/postgres-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY + - secretKey: ACCESS_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/postgres-backups + metadataPolicy: None + property: ACCESS_REGION