---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: cloudnative-pg
  namespace: fediverse
spec:
  secretStoreRef:
    kind: ClusterSecretStore
    name: onepassword-connect
  target:
    name: cloudnative-pg-secret
    creationPolicy: Owner
    template:
      engineVersion: v2
      metadata:
        labels:
          cnpg.io/reload: "true"
  data:
    - secretKey: username
      remoteRef:
        key: cloudnative-pg
        property: POSTGRES_SUPER_USER
    - secretKey: password
      remoteRef:
        key: cloudnative-pg
        property: POSTGRES_SUPER_PASS
    - secretKey: aws-access-key-id
      remoteRef:
        key: cloudnative-pg
        property: AWS_ACCESS_KEY_ID
    - secretKey: aws-secret-access-key
      remoteRef:
        key: cloudnative-pg
        property: AWS_SECRET_ACCESS_KEY