kind: ExternalSecret apiVersion: external-secrets.io/v1beta1 metadata: name: {{ .Values.externalSecrets.diiaExternalSecret.name }} spec: refreshInterval: {{ .Values.externalSecrets.diiaExternalSecret.refreshInterval }} secretStoreRef: name: {{ .Values.externalSecrets.diiaExternalSecret.secretStoreRef.name }} kind: SecretStore target: name: {{ .Values.externalSecrets.diiaExternalSecret.target.name }} data: - secretKey: "external-systems.diia.auth.secret.token" remoteRef: {{- if (index .Values "external-systems").diia.auth }}{{- if (index .Values "external-systems").diia.auth.type }} {{- $vaultPath := split ":" (index .Values "external-systems").diia.auth.secret }} key: {{ print $vaultPath._1 }} property: "external-systems.diia.auth.secret.token" {{- end }} {{ else }} key: "registry-kv/registry/{{ .Values.namespace }}/external-systems/diia" property: "external-systems.diia.auth.secret.token" {{- end }}