From 455218cf64c32dd838ca42e0a4b8339de9fad769 Mon Sep 17 00:00:00 2001 From: Joseph Hanson Date: Tue, 22 Oct 2024 21:29:03 -0500 Subject: [PATCH] separate cluster store secrets --- .../apps/anime/radarr/app/externalsecret.yaml | 25 +++++++++++++++---- .../apps/anime/radarr/app/helmrelease.yaml | 2 ++ 2 files changed, 22 insertions(+), 5 deletions(-) diff --git a/kubernetes/apps/anime/radarr/app/externalsecret.yaml b/kubernetes/apps/anime/radarr/app/externalsecret.yaml index 39372d5a..31dd4611 100644 --- a/kubernetes/apps/anime/radarr/app/externalsecret.yaml +++ b/kubernetes/apps/anime/radarr/app/externalsecret.yaml @@ -4,7 +4,6 @@ apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret metadata: name: radarr - namespace: anime spec: secretStoreRef: kind: ClusterSecretStore @@ -17,6 +16,26 @@ spec: PUSHOVER_TOKEN: "{{ .radarr_token }}" PUSHOVER_USER_KEY: "{{ .userkey_jahanson }}" RADARR__AUTH__APIKEY: "{{ .api_key_anime }}" + dataFrom: + - extract: + key: pushover + - extract: + key: radarr +--- +# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: radarr +spec: + secretStoreRef: + name: crunchy-pgo-secrets + kind: ClusterSecretStore + target: + name: radarr-db-secret + template: + engineVersion: v2 + data: RADARR__POSTGRES__HOST: "{{ .pgbouncer-host }}" RADARR__POSTGRES__USER: "{{ .user }}" RADARR__POSTGRES__PASSWORD: "{{ .password }}" @@ -25,7 +44,3 @@ spec: dataFrom: - extract: key: postgres-pguser-radarr-anime - - extract: - key: pushover - - extract: - key: radarr diff --git a/kubernetes/apps/anime/radarr/app/helmrelease.yaml b/kubernetes/apps/anime/radarr/app/helmrelease.yaml index 90b5f48a..3c65e433 100644 --- a/kubernetes/apps/anime/radarr/app/helmrelease.yaml +++ b/kubernetes/apps/anime/radarr/app/helmrelease.yaml @@ -45,6 +45,8 @@ spec: envFrom: - secretRef: name: radarr-secret + - secretRef: + name: radarr-db-secret probes: liveness: &probes enabled: true