fix: add push secret

Signed-off-by: Chris Butler <[email protected]>
opendatahub-io-contrib · May 16, 2024 · efc4908 · efc4908
1 parent 07e0d6c
commit efc4908
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 3 deletions.
diff --git a/charts/all/test-dsp/templates/push-secret.yaml b/charts/all/test-dsp/templates/push-secret.yaml
@@ -0,0 +1,21 @@
+apiVersion: external-secrets.io/v1alpha1
+kind: PushSecret
+metadata:
+  name: pushsecret # Customisable
+  namespace: {{ .Values.dsp.name }} # Same of the SecretStores
+spec:
+  updatePolicy: Replace # Policy to overwrite existing secrets in the provider on sync
+  deletionPolicy: Delete # the provider' secret will be deleted if the PushSecret is deleted
+  refreshInterval: 10s # Refresh interval for which push secret will reconcile
+  secretStoreRefs: # A list of secret stores to push secrets to
+    - name: {{ .Values.secretStore.name }}
+      kind: {{ .Values.secretStore.kind }}
+  selector:
+    secret:
+      name: {{ .Values.dsp.name }}-obc # Source Kubernetes secret to be pushed
+  data:
+    - conversionStrategy: None # Also supports the ReverseUnicode strategy
+      match:
+        secretKey: data # Source Kubernetes secret key to be pushed
+        remoteRef:
+          remoteKey: "secret/data/global/{{ .Values.dsp.name }}-aws" # Remote reference (where the secret is going to be pushed)
diff --git a/charts/all/test-dsp/values.yaml b/charts/all/test-dsp/values.yaml
@@ -1,6 +1,4 @@
 
-
-
 secretStore:
   name: vault-backend
   kind: ClusterSecretStore
@@ -12,7 +10,6 @@ secretStore:
 dsp:
   name: test-project
   description: "My dsp test project"
-  bucketName: bucket
   notebookStorage: '20Gi'