Giant Swarm offers an external-secrets
App which can be installed in workload clusters.
Here we define the external-secrets
chart with its templates and default configuration.
There are several ways to install this app onto a workload cluster.
- Using GitOps to instantiate the App
- Using our web interface.
- By creating an App resource in the management cluster as explained in Getting started with App Platform.
This is an example of a values file you could upload using our web interface.
# values.yaml
crds:
createClusterExternalSecret: true
createClusterSecretStore: true
You can use the official Giant Swarm kubectl plug-in to template the App CR and related resources.
kubectl gs template app \
--catalog giantswarm-catalog \
--name external-secrets \
--version 0.2.1 \
--target-namespace org-example \
--cluster-name abc123 \
--user-configmap values.yaml
If you have access to the Kubernetes API on the management cluster, you could create the App CR and ConfigMap directly.
Here is an example that would install the app to workload cluster abc12
:
# app.yaml
---
apiVersion: application.giantswarm.io/v1alpha1
kind: App
metadata:
name: external-secrets
namespace: abc123
spec:
catalog: giantswarm-catalog
kubeConfig:
inCluster: false
name: external-secrets
namespace: org-example
userConfig:
configMap:
name: external-secrets-userconfig-abc123
namespace: abc123
version: 0.2.1
# user-values-configmap.yaml
---
apiVersion: v1
data:
values: |+
crds:
createClusterExternalSecret: true
createClusterSecretStore: true
kind: ConfigMap
metadata:
name: external-secrets-userconfig-abc123
namespace: abc123
See our full reference on how to configure apps for more details.