update secret

carpenike · Nov 27, 2024 · 3d236b8 · 3d236b8
1 parent 0e383d0
commit 3d236b8
Showing 1 changed file with 42 additions and 15 deletions.
diff --git a/kubernetes/cluster-0/apps/dev/actions-runner-controller/operator/externalsecret.yaml b/kubernetes/cluster-0/apps/dev/actions-runner-controller/operator/externalsecret.yaml
@@ -1,26 +1,53 @@
+# ---
+# # yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json
+# apiVersion: external-secrets.io/v1beta1
+# kind: ExternalSecret
+# metadata:
+#   name: actions-runner-controller-auth
+# spec:
+#   secretStoreRef:
+#     kind: ClusterSecretStore
+#     name: onepassword-connect
+#   target:
+#     name: actions-runner-controller-auth-secret
+#     template:
+#       engineVersion: v2
+#       data:
+#         ACTION_RUNNER_CONTROLLER_GITHUB_APP_ID: |-
+#           {{ .ACTION_RUNNER_CONTROLLER_GITHUB_APP_ID }}
+#         ACTION_RUNNER_CONTROLLER_GITHUB_INSTALLATION_ID: |-
+#           {{ .ACTION_RUNNER_CONTROLLER_GITHUB_INSTALLATION_ID }}
+#         ACTION_RUNNER_CONTROLLER_GITHUB_PRIVATE_KEY: |-
+#           {{ .ACTION_RUNNER_CONTROLLER_GITHUB_PRIVATE_KEY }}
+#         ACTION_RUNNER_CONTROLLER_GITHUB_WEBHOOK_SECRET_TOKEN: |-
+#           {{ .ACTION_RUNNER_CONTROLLER_GITHUB_WEBHOOK_SECRET_TOKEN }}
+#   dataFrom:
+#     - extract:
+#         key: actions-runner-controller
 ---
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json
+# yaml-language-server: $schema=https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/external-secrets.io/externalsecret_v1beta1.json
 apiVersion: external-secrets.io/v1beta1
 kind: ExternalSecret
 metadata:
   name: actions-runner-controller-auth
 spec:
+  refreshInterval: 5m
   secretStoreRef:
     kind: ClusterSecretStore
     name: onepassword-connect
   target:
-    name: actions-runner-controller-auth-secret
-    template:
-      engineVersion: v2
-      data:
-        ACTION_RUNNER_CONTROLLER_GITHUB_APP_ID: |-
-          {{ .ACTION_RUNNER_CONTROLLER_GITHUB_APP_ID }}
-        ACTION_RUNNER_CONTROLLER_GITHUB_INSTALLATION_ID: |-
-          {{ .ACTION_RUNNER_CONTROLLER_GITHUB_INSTALLATION_ID }}
-        ACTION_RUNNER_CONTROLLER_GITHUB_PRIVATE_KEY: |-
-          {{ .ACTION_RUNNER_CONTROLLER_GITHUB_PRIVATE_KEY }}
-        ACTION_RUNNER_CONTROLLER_GITHUB_WEBHOOK_SECRET_TOKEN: |-
-          {{ .ACTION_RUNNER_CONTROLLER_GITHUB_WEBHOOK_SECRET_TOKEN }}
-  dataFrom:
-    - extract:
+    name: actions-runner-controller-auth
+    creationPolicy: Owner
+  data:
+    - secretKey: github_app_id
+      remoteRef:
         key: actions-runner-controller
+        property: ACTION_RUNNER_CONTROLLER_GITHUB_APP_ID
+    - secretKey: github_app_installation_id
+      remoteRef:
+        key: actions-runner-controller
+        property: ACTION_RUNNER_CONTROLLER_GITHUB_INSTALLATION_ID
+    - secretKey: github_app_private_key
+      remoteRef:
+        key: actions-runner-controller
+        property: ACTION_RUNNER_CONTROLLER_GITHUB_PRIVATE_KEY