feat: migrate to openbao

clusters/cl01tl/helm/authentik/templates/external-secret.yaml

@@ -1,16 +1,16 @@
 apiVersion: external-secrets.io/v1
 kind: ExternalSecret
 metadata:
-  name: authentik-key-secret
+  name: authentik-key
   namespace: {{ .Release.Namespace }}
   labels:
-    app.kubernetes.io/name: authentik-key-secret
+    app.kubernetes.io/name: {{ .Template.Name }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
   secretStoreRef:
     kind: ClusterSecretStore
-    name: vault
+    name: openbao
   data:
     - secretKey: key
       remoteRef:

clusters/cl01tl/helm/authentik/templates/ingress.yaml

@@ -4,7 +4,7 @@ metadata:
   name: authentik-tailscale
   namespace: {{ .Release.Namespace }}
   labels:
-    app.kubernetes.io/name: authentik-tailscale
+    app.kubernetes.io/name: {{ .Template.Name }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/part-of: {{ .Release.Name }}
     tailscale.com/proxy-class: no-metrics

clusters/cl01tl/helm/authentik/templates/reference-grant.yaml

@@ -4,7 +4,7 @@ metadata:
   name: allow-outpost-cross-namespace-access
   namespace: {{ .Release.Namespace }}
   labels:
-    app.kubernetes.io/name: allow-outpost-cross-namespace-access
+    app.kubernetes.io/name: {{ .Template.Name }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:

clusters/cl01tl/helm/authentik/values.yaml

@@ -4,7 +4,7 @@ authentik:
       - name: AUTHENTIK_SECRET_KEY
         valueFrom:
           secretKeyRef:
-            name: authentik-key-secret
+            name: authentik-key
             key: key
       - name: AUTHENTIK_POSTGRESQL__HOST
         valueFrom: