Extend secrets helm chart

argo/miniflux/values.yaml

@@ -6,6 +6,8 @@ serviceAccountName: miniflux
 externalSecrets:
   secretStoreName: miniflux
   vaultRole: miniflux
+  secretPaths:
+    - name: miniflux
       secrets:
       - secretKey: miniflux_admin_pw
         key: miniflux
@@ -13,6 +15,7 @@ externalSecrets:
       - secretKey: miniflux_db_url
         key: miniflux
         property: miniflux_db_url
+
 istio:
   commonName: rss.minhas.io
   ingressSelector: ingressgateway

argo/pihole/values.yaml

@@ -6,6 +6,8 @@ serviceAccountName: default
 externalSecrets:
   secretStoreName: default
   vaultRole: external-dns
+  secretPaths:
+    - name: pihole
       secrets:
       - secretKey: pihole-password
         key: external-dns

argo/secrets/templates/external-secrets.yaml

@@ -59,18 +59,19 @@ spec:
           secretRef:
             name: "serviceaccounttoken"
 ...
+{{- range .Values.externalSecrets.secretPaths }}
 ---
 apiVersion: external-secrets.io/v1beta1
 kind: ExternalSecret
 metadata:
-  name: {{ .Values.name }}
-  namespace: {{ .Values.namespace }}
+  name: {{ .name }}
+  namespace: {{ $.Values.namespace }}
 spec:
   secretStoreRef:
-    name: {{ .Values.externalSecrets.secretStoreName }}
+    name: {{ $.Values.externalSecrets.secretStoreName }}
     kind: SecretStore
   data:
-{{- range .Values.externalSecrets.secrets }}
+{{- range .secrets }}
   - secretKey: {{ .secretKey }}
     remoteRef:
       conversionStrategy: Default
@@ -79,4 +80,5 @@ spec:
       property: {{ .property }}
 {{- end }}
 ...
+{{- end }}
 {{ end }}

argo/vault-config-operator/values.yaml

@@ -5,6 +5,8 @@ serviceAccountName: vault-config-operator
 externalSecrets:
   secretStoreName: vault-config-operator
   vaultRole: vault-config-operator
+  secretPaths:
+    - name: vault-config-operator
       secrets:
       - secretKey: ca.crt
         key: vault-config-operator