infrastructure/addons/flux-ui/cluster-user-auth-externalsecret.yaml

apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
  name: cluster-user-auth
  namespace: flux-system
spec:
  refreshInterval: 1h
  secretStoreRef:
    name: doppler-hetznerterra
    kind: ClusterSecretStore
  target:
    name: cluster-user-auth
    creationPolicy: Owner
    template:
      type: Opaque
      data:
        username: "{{ .fluxAdminUsername }}"
        password: "{{ .fluxAdminPasswordHash }}"
  data:
    - secretKey: fluxAdminUsername
      remoteRef:
        key: WEAVE_GITOPS_ADMIN_USERNAME
    - secretKey: fluxAdminPasswordHash
      remoteRef:
        key: WEAVE_GITOPS_ADMIN_PASSWORD_BCRYPT_HASH
feat: sync runtime secrets from doppler 2026-03-09 00:25:41 +00:00			`apiVersion: external-secrets.io/v1`
			`kind: ExternalSecret`
			`metadata:`
			`name: cluster-user-auth`
			`namespace: flux-system`
			`spec:`
			`refreshInterval: 1h`
			`secretStoreRef:`
			`name: doppler-hetznerterra`
			`kind: ClusterSecretStore`
			`target:`
			`name: cluster-user-auth`
			`creationPolicy: Owner`
			`template:`
			`type: Opaque`
			`data:`
			`username: "{{ .fluxAdminUsername }}"`
			`password: "{{ .fluxAdminPasswordHash }}"`
			`data:`
			`- secretKey: fluxAdminUsername`
			`remoteRef:`
			`key: WEAVE_GITOPS_ADMIN_USERNAME`
			`- secretKey: fluxAdminPasswordHash`
			`remoteRef:`
			`key: WEAVE_GITOPS_ADMIN_PASSWORD_BCRYPT_HASH`