apiVersion: iam.cnrm.cloud.google.com/v1beta1 kind: IAMPolicyMember metadata: name: external-secrets-secret-accessor namespace: external-secrets annotations: cnrm.cloud.google.com/project-id: ${gcp_project_id} pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: external-secrets-operator pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a labels: cluster_hash: ${cluster_hash} cluster_uuid: ${cluster_uuid} spec: member: serviceAccount:ext-sec-${cluster_hash}@${gcp_project_id}.iam.gserviceaccount.com resourceRef: apiVersion: resourcemanager.cnrm.cloud.google.com/v1beta1 kind: Project external: "projects/${gcp_project_id}" role: roles/secretmanager.secretAccessor --- apiVersion: iam.cnrm.cloud.google.com/v1beta1 kind: IAMServiceAccount metadata: name: external-secrets namespace: external-secrets annotations: cnrm.cloud.google.com/project-id: ${gcp_project_id} pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: external-secrets-operator pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a labels: cluster_hash: ${cluster_hash} cluster_uuid: ${cluster_uuid} spec: displayName: ${cluster_hash} external-secrets resourceID: ext-sec-${cluster_hash} --- apiVersion: iam.cnrm.cloud.google.com/v1beta1 kind: IAMServiceAccountKey metadata: name: external-secrets-gcp-api-key namespace: external-secrets annotations: cnrm.cloud.google.com/project-id: ${gcp_project_id} pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: external-secrets-operator pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a labels: cluster_hash: ${cluster_hash} cluster_uuid: ${cluster_uuid} spec: serviceAccountRef: name: external-secrets --- apiVersion: iam.cnrm.cloud.google.com/v1beta1 kind: IAMServiceAccountKey metadata: name: gcp-creds namespace: external-secrets annotations: cnrm.cloud.google.com/project-id: ${gcp_project_id} pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: external-secrets-operator pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a labels: cluster_hash: ${cluster_hash} cluster_uuid: ${cluster_uuid} spec: serviceAccountRef: name: external-secrets --- apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 kind: SecretManagerSecret metadata: name: external-secrets-${cluster_uuid}-gcp-api-key namespace: external-secrets annotations: cnrm.cloud.google.com/project-id: ${gcp_project_id} pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: external-secrets-operator pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a labels: cluster_hash: ${cluster_hash} cluster_uuid: ${cluster_uuid} spec: replication: automatic: true --- apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 kind: SecretManagerSecretVersion metadata: name: external-secrets-${cluster_uuid}-gcp-api-key namespace: external-secrets annotations: cnrm.cloud.google.com/project-id: ${gcp_project_id} pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: external-secrets-operator pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a labels: cluster_hash: ${cluster_hash} cluster_uuid: ${cluster_uuid} spec: secretRef: name: external-secrets-${cluster_uuid}-gcp-api-key enabled: false secretData: valueFrom: secretKeyRef: name: external-secrets-gcp-api-key key: key.json --- apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 kind: SecretManagerSecretVersion metadata: name: external-secrets-${cluster_uuid}-gcp-api-key-2 namespace: external-secrets annotations: cnrm.cloud.google.com/project-id: ${gcp_project_id} pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: external-secrets-operator pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a labels: cluster_hash: ${cluster_hash} cluster_uuid: ${cluster_uuid} spec: secretRef: name: external-secrets-${cluster_uuid}-gcp-api-key enabled: true secretData: valueFrom: secretKeyRef: name: gcp-creds key: key.json