diff --git a/clusters/cl01tl/monitoring/s3-exporter/templates/external-secret.yaml b/clusters/cl01tl/monitoring/s3-exporter/templates/external-secret.yaml index 8257a5c12..816bd0401 100644 --- a/clusters/cl01tl/monitoring/s3-exporter/templates/external-secret.yaml +++ b/clusters/cl01tl/monitoring/s3-exporter/templates/external-secret.yaml @@ -75,10 +75,10 @@ spec: apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: s3-garage-local-secret + name: s3-garage-secret namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: s3-garage-local-secret + app.kubernetes.io/name: s3-garage-secret app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }} spec: @@ -90,57 +90,20 @@ spec: remoteRef: conversionStrategy: Default decodingStrategy: None - key: /garage/home-infra/postgres-backups + key: /garage/home-infra/s3-exporter metadataPolicy: None property: ACCESS_KEY_ID - secretKey: AWS_SECRET_ACCESS_KEY remoteRef: conversionStrategy: Default decodingStrategy: None - key: /garage/home-infra/postgres-backups + key: /garage/home-infra/s3-exporter metadataPolicy: None property: ACCESS_SECRET_KEY - secretKey: AWS_REGION remoteRef: conversionStrategy: Default decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_REGION - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: s3-garage-remote-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: s3-garage-remote-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_KEY_ID - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_SECRET_KEY - - secretKey: AWS_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups + key: /garage/home-infra/s3-exporter metadataPolicy: None property: ACCESS_REGION diff --git a/clusters/cl01tl/monitoring/s3-exporter/values.yaml b/clusters/cl01tl/monitoring/s3-exporter/values.yaml index 4b9407d47..202f0febe 100644 --- a/clusters/cl01tl/monitoring/s3-exporter/values.yaml +++ b/clusters/cl01tl/monitoring/s3-exporter/values.yaml @@ -97,18 +97,15 @@ s3-exporter: - name: S3_ACCESS_KEY valueFrom: secretKeyRef: - name: s3-garage-local-secret + name: s3-garage-secret key: AWS_ACCESS_KEY_ID - name: S3_SECRET_KEY valueFrom: secretKeyRef: - name: s3-garage-local-secret + name: s3-garage-secret key: AWS_SECRET_ACCESS_KEY - name: S3_REGION - valueFrom: - secretKeyRef: - name: s3-garage-local-secret - key: AWS_REGION + value: us-east-1 - name: LOG_LEVEL value: debug - name: S3_FORCE_PATH_STYLE @@ -136,18 +133,15 @@ s3-exporter: - name: S3_ACCESS_KEY valueFrom: secretKeyRef: - name: s3-garage-remote-secret + name: s3-garage-secret key: AWS_ACCESS_KEY_ID - name: S3_SECRET_KEY valueFrom: secretKeyRef: - name: s3-garage-remote-secret + name: s3-garage-secret key: AWS_SECRET_ACCESS_KEY - name: S3_REGION - valueFrom: - secretKeyRef: - name: s3-garage-remote-secret - key: AWS_REGION + value: us-east-1 - name: LOG_LEVEL value: debug - name: S3_FORCE_PATH_STYLE