external-secrets chart
Giant Swarm offers an external-secrets App which can be installed in workload clusters.
Here we define the external-secrets chart with its templates and default configuration.
Installing
There are several ways to install this app onto a workload cluster.
- Using GitOps to instantiate the App
- Using our web interface.
- By creating an App resource in the management cluster as explained in Getting started with App Platform.
Configuring
values.yaml
This is an example of a values file you could upload using our web interface.
# values.yaml
crds:
createClusterExternalSecret: true
createClusterSecretStore: trueTemplating
You can use the official Giant Swarm kubectl plug-in to template the App CR and related resources.
kubectl gs template app \
--catalog giantswarm-catalog \
--name external-secrets \
--version 0.2.1 \
--target-namespace org-example \
--cluster-name abc123 \
--user-configmap values.yamlSample App CR and ConfigMap for the management cluster
If you have access to the Kubernetes API on the management cluster, you could create the App CR and ConfigMap directly.
Here is an example that would install the app to workload cluster abc12:
# app.yaml
---
apiVersion: application.giantswarm.io/v1alpha1
kind: App
metadata:
name: external-secrets
namespace: abc123
spec:
catalog: giantswarm-catalog
kubeConfig:
inCluster: false
name: external-secrets
namespace: org-example
userConfig:
configMap:
name: external-secrets-userconfig-abc123
namespace: abc123
version: 0.2.1# user-values-configmap.yaml
---
apiVersion: v1
data:
values: |+
crds:
createClusterExternalSecret: true
createClusterSecretStore: true
kind: ConfigMap
metadata:
name: external-secrets-userconfig-abc123
namespace: abc123See our full reference on how to configure apps for more details.