# SealedSecrets Controller Installation apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: sealed-secrets namespace: argocd finalizers: - resources-finalizer.argocd.argoproj.io spec: project: default source: repoURL: https://bitnami-labs.github.io/sealed-secrets chart: sealed-secrets targetRevision: 2.15.0 helm: releaseName: sealed-secrets parameters: - name: namespace value: kube-system destination: server: https://kubernetes.default.svc namespace: kube-system syncPolicy: automated: prune: true selfHeal: true --- # Example SealedSecret for Coordinator API Keys apiVersion: bitnami.com/v1alpha1 kind: SealedSecret metadata: name: coordinator-api-keys namespace: default annotations: sealedsecrets.bitnami.com/cluster-wide: "true" spec: encryptedData: # Production API key (encrypted) api-key-prod: AgBy3i4OJSWK+PiTySYZZA9rO43cGDEQAx... # Staging API key (encrypted) api-key-staging: AgBy3i4OJSWK+PiTySYZZA9rO43cGDEQAx... # Development API key (encrypted) api-key-dev: AgBy3i4OJSWK+PiTySYZZA9rO43cGDEQAx... template: metadata: name: coordinator-api-keys namespace: default type: Opaque --- # Example SealedSecret for Database Credentials apiVersion: bitnami.com/v1alpha1 kind: SealedSecret metadata: name: coordinator-db-credentials namespace: default spec: encryptedData: username: AgBy3i4OJSWK+PiTySYZZA9rO43cGDEQAx... password: AgBy3i4OJSWK+PiTySYZZA9rO43cGDEQAx... database: AgBy3i4OJSWK+PiTySYZZA9rO43cGDEQAx... template: metadata: name: coordinator-db-credentials namespace: default type: Opaque --- # Example SealedSecret for JWT Signing Keys (if needed in future) apiVersion: bitnami.com/v1alpha1 kind: SealedSecret metadata: name: coordinator-jwt-keys namespace: default spec: encryptedData: private-key: AgBy3i4OJSWK+PiTySYZZA9rO43cGDEQAx... public-key: AgBy3i4OJSWK+PiTySYZZA9rO43cGDEQAx... template: metadata: name: coordinator-jwt-keys namespace: default type: Opaque