1 package externalsecrets
2
3 import (
4 "edge-infra.dev/pkg/edge/constants"
5 "edge-infra.dev/pkg/k8s/konfigkonnector/apis/meta"
6
7 goext "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
8 esmeta "github.com/external-secrets/external-secrets/apis/meta/v1"
9
10 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
11 )
12
13 func BuildDefaultEdgeClusterSecretStore(projectID string) *goext.ClusterSecretStore {
14 goExtSecNamespace := SecretNamespace
15 return &goext.ClusterSecretStore{
16 TypeMeta: metav1.TypeMeta{
17 APIVersion: goext.SchemeGroupVersion.String(),
18 Kind: goext.ClusterSecretStoreKind,
19 },
20 ObjectMeta: metav1.ObjectMeta{
21 Labels: map[string]string{
22 constants.Tenant: projectID,
23 },
24 Annotations: map[string]string{
25 meta.ProjectAnnotation: projectID,
26 },
27 Name: gcpProvider,
28 },
29 Spec: goext.SecretStoreSpec{
30 Provider: &goext.SecretStoreProvider{
31 GCPSM: &goext.GCPSMProvider{
32 Auth: goext.GCPSMAuth{
33 SecretRef: &goext.GCPSMAuthSecretRef{
34 SecretAccessKey: esmeta.SecretKeySelector{
35 Namespace: &goExtSecNamespace,
36 Name: SecretName,
37 Key: SecretKey,
38 },
39 },
40 },
41 ProjectID: projectID,
42 },
43 },
44 },
45 }
46 }
47
View as plain text