From c5af012552d3e697903ed5c7d5ebf049569f100b Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Wed, 14 May 2025 17:32:24 -0500 Subject: [PATCH] add credentials for metrics --- .../templates/external-secret.yaml | 25 +++++++++++++++++++ .../templates/service-monitor.yaml | 4 +-- 2 files changed, 27 insertions(+), 2 deletions(-) diff --git a/clusters/cl01tl/applications/home-assistant/templates/external-secret.yaml b/clusters/cl01tl/applications/home-assistant/templates/external-secret.yaml index f5ecd7365..a0188b58a 100644 --- a/clusters/cl01tl/applications/home-assistant/templates/external-secret.yaml +++ b/clusters/cl01tl/applications/home-assistant/templates/external-secret.yaml @@ -28,3 +28,28 @@ spec: key: /cl01tl/home-assistant/code-server/auth metadataPolicy: None property: SUDO_PASSWORD + +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: home-assistant-token-secret + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: home-assistant-token-secret + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: web + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + data: + - secretKey: bearer-token + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/home-assistant/auth + metadataPolicy: None + property: bearer-token diff --git a/clusters/cl01tl/applications/home-assistant/templates/service-monitor.yaml b/clusters/cl01tl/applications/home-assistant/templates/service-monitor.yaml index 9820c5635..4831ef501 100644 --- a/clusters/cl01tl/applications/home-assistant/templates/service-monitor.yaml +++ b/clusters/cl01tl/applications/home-assistant/templates/service-monitor.yaml @@ -20,5 +20,5 @@ spec: scrapeTimeout: 1m path: /api/prometheus bearerTokenSecret: - name: secretName - key: secretKey + name: home-assistant-token-secret + key: bearer-token