apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
  name: zot-registry-credentials
  namespace: argocd
spec:
  refreshInterval: 1h
  secretStoreRef:
    kind: ClusterSecretStore
    name: vault-backend
  target:
    name: zot-registry-credentials
    creationPolicy: Owner
    template:
      type: kubernetes.io/dockerconfigjson
      data:
        .dockerconfigjson: |
          {"auths":{"zot0213.kro.kr":{"username":"{{ .USERNAME }}","password":"{{ .PASSWORD }}","auth":"{{ printf "%s:%s" .USERNAME .PASSWORD | b64enc }}"}}}
  data:
    - secretKey: USERNAME
      remoteRef:
        key: zot
        property: USERNAME
    - secretKey: PASSWORD
      remoteRef:
        key: zot
        property: PASSWORD
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
  name: github-creds
  namespace: argocd
spec:
  refreshInterval: 1h
  secretStoreRef:
    kind: ClusterSecretStore
    name: vault-backend
  target:
    name: github-creds
    creationPolicy: Owner
  data:
    - secretKey: username
      remoteRef:
        key: github
        property: username
    - secretKey: password
      remoteRef:
        key: github
        property: password
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
  name: gitea-creds
  namespace: argocd
spec:
  refreshInterval: 1h
  secretStoreRef:
    kind: ClusterSecretStore
    name: vault-backend
  target:
    name: gitea-creds
    creationPolicy: Owner
    template:
      metadata:
        labels:
          argocd.argoproj.io/secret-type: repo-creds
      data:
        type: git
        url: https://github0213.com
        username: "{{ .username }}"
        password: "{{ .password }}"
  data:
    - secretKey: username
      remoteRef:
        key: gitea
        property: username
    - secretKey: password
      remoteRef:
        key: gitea
        property: password