From dfd2ce77549c7401db9555d7983604d3c12823ba Mon Sep 17 00:00:00 2001 From: tegwick Date: Thu, 2 Jul 2026 12:56:21 +0200 Subject: [PATCH] activity-core: ExternalSecret for llm-connect-provider-secrets via openbao-activity-core CSS (CCR-2026-0003) Co-Authored-By: Claude Fable 5 --- .../externalsecret.yaml | 21 +++++++++++++++++++ .../kustomization.yaml | 1 + 2 files changed, 22 insertions(+) create mode 100644 deploy/k8s/activity-core-llm-connect/externalsecret.yaml diff --git a/deploy/k8s/activity-core-llm-connect/externalsecret.yaml b/deploy/k8s/activity-core-llm-connect/externalsecret.yaml new file mode 100644 index 0000000..ff0738c --- /dev/null +++ b/deploy/k8s/activity-core-llm-connect/externalsecret.yaml @@ -0,0 +1,21 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: llm-connect-provider-secrets + namespace: activity-core + labels: + app.kubernetes.io/name: llm-connect + app.kubernetes.io/part-of: railiance-gitops +spec: + refreshInterval: 1h + secretStoreRef: + kind: ClusterSecretStore + name: openbao-activity-core + target: + name: llm-connect-provider-secrets + creationPolicy: Owner + data: + - secretKey: OPENROUTER_API_KEY + remoteRef: + key: platform/workloads/activity-core/llm-connect/llm-connect-provider-secrets + property: OPENROUTER_API_KEY diff --git a/deploy/k8s/activity-core-llm-connect/kustomization.yaml b/deploy/k8s/activity-core-llm-connect/kustomization.yaml index 456af66..819ced8 100644 --- a/deploy/k8s/activity-core-llm-connect/kustomization.yaml +++ b/deploy/k8s/activity-core-llm-connect/kustomization.yaml @@ -5,3 +5,4 @@ resources: - deployment.yaml - service.yaml - networkpolicy.yaml + - externalsecret.yaml