From a6e7132252ecf62fd93042b5657be3235981e97b Mon Sep 17 00:00:00 2001
From: Victor Roest <victor@xirion.net>
Date: Fri, 29 Oct 2021 21:26:22 +0200
Subject: [PATCH] external-secrets: reconfig vault

---
 .../external-secrets/vault-secret-store.yaml  | 26 +++++++++++--------
 1 file changed, 15 insertions(+), 11 deletions(-)

diff --git a/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml b/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml
index 929866e..916d7e2 100644
--- a/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml
+++ b/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml
@@ -13,14 +13,18 @@ spec:
         # VaultAppRole authenticates with Vault using the
         # App Role auth mechanism
         # https://www.vaultproject.io/docs/auth/approle
-        appRole:
-          # Path where the App Role authentication backend is mounted
-          path: "approle"
-          # RoleID configured in the App Role authentication backend
-          roleId: "bb841a0e-45c1-9dab-36f0-f72647d6aff0"
-          # Reference to a key in a K8 Secret that contains the App Role SecretId
-          # (not commited in git)
-          secretRef:
-            name: "vault-secret-id"
-            namespace: "external-secrets"
-            key: "secret-id"
+        tokenSecretRef:
+          name: "vault-secret-id"
+          namespace: "external-secrets"
+          key: "token"
+        # appRole:
+        #   # Path where the App Role authentication backend is mounted
+        #   path: "approle"
+        #   # RoleID configured in the App Role authentication backend
+        #   roleId: "bb841a0e-45c1-9dab-36f0-f72647d6aff0"
+        #   # Reference to a key in a K8 Secret that contains the App Role SecretId
+        #   # (not commited in git)
+        #   secretRef:
+        #     name: "vault-secret-id"
+        #     namespace: "external-secrets"
+        #     key: "secret-id"