k8s/apps/furumi-dev/external-secrets.yaml

---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
  name: furumi-ng-creds
spec:
  target:
    name: furumi-ng-creds
    deletionPolicy: Delete
    template:
      type: Opaque
      data:
        OIDC_CLIENT_ID: |-
          {{ .client_id }}
        OIDC_CLIENT_SECRET: |-
          {{ .client_secret }}
        OIDC_ISSUER_URL: https://idm.hexor.cy/application/o/furumi-ng-web/
        OIDC_REDIRECT_URL: https://music.hexor.cy/auth/callback
        OIDC_SESSION_SECRET: |-
          {{ .session_secret }}
        PG_STRING: |-
          postgres://furumi_dev:{{ .pg_pass }}@psql.psql.svc:5432/furumi_dev
  data:
    - secretKey: client_id
      sourceRef:
        storeRef:
          name: vaultwarden-login
          kind: ClusterSecretStore
      remoteRef:
        key: 960735e6-2cc9-4b68-9bd3-e6786e5a0cd6
        property: fields[0].value
    - secretKey: client_secret
      sourceRef:
        storeRef:
          name: vaultwarden-login
          kind: ClusterSecretStore
      remoteRef:
        key: 960735e6-2cc9-4b68-9bd3-e6786e5a0cd6
        property: fields[1].value
    - secretKey: session_secret
      sourceRef:
        storeRef:
          name: vaultwarden-login
          kind: ClusterSecretStore
      remoteRef:
        key: 960735e6-2cc9-4b68-9bd3-e6786e5a0cd6
        property: fields[2].value
    - secretKey: pg_pass
      sourceRef:
        storeRef:
          name: vaultwarden-login
          kind: ClusterSecretStore
      remoteRef:
        key: 2a9deb39-ef22-433e-a1be-df1555625e22
        property: fields[17].value
Added furumi-dev 2026-03-19 13:45:52 +00:00			`---`
			`apiVersion: external-secrets.io/v1`
			`kind: ExternalSecret`
			`metadata:`
			`name: furumi-ng-creds`
			`spec:`
			`target:`
			`name: furumi-ng-creds`
			`deletionPolicy: Delete`
			`template:`
			`type: Opaque`
			`data:`
			`OIDC_CLIENT_ID: \|-`
			`{{ .client_id }}`
			`OIDC_CLIENT_SECRET: \|-`
			`{{ .client_secret }}`
			`OIDC_ISSUER_URL: https://idm.hexor.cy/application/o/furumi-ng-web/`
			`OIDC_REDIRECT_URL: https://music.hexor.cy/auth/callback`
			`OIDC_SESSION_SECRET: \|-`
			`{{ .session_secret }}`
			`PG_STRING: \|-`
			`postgres://furumi_dev:{{ .pg_pass }}@psql.psql.svc:5432/furumi_dev`
			`data:`
			`- secretKey: client_id`
			`sourceRef:`
			`storeRef:`
			`name: vaultwarden-login`
			`kind: ClusterSecretStore`
			`remoteRef:`
			`key: 960735e6-2cc9-4b68-9bd3-e6786e5a0cd6`
			`property: fields[0].value`
			`- secretKey: client_secret`
			`sourceRef:`
			`storeRef:`
			`name: vaultwarden-login`
			`kind: ClusterSecretStore`
			`remoteRef:`
			`key: 960735e6-2cc9-4b68-9bd3-e6786e5a0cd6`
			`property: fields[1].value`
			`- secretKey: session_secret`
			`sourceRef:`
			`storeRef:`
			`name: vaultwarden-login`
			`kind: ClusterSecretStore`
			`remoteRef:`
			`key: 960735e6-2cc9-4b68-9bd3-e6786e5a0cd6`
			`property: fields[2].value`
			`- secretKey: pg_pass`
			`sourceRef:`
			`storeRef:`
			`name: vaultwarden-login`
			`kind: ClusterSecretStore`
			`remoteRef:`
			`key: 2a9deb39-ef22-433e-a1be-df1555625e22`
			`property: fields[17].value`