blumeops/argocd/manifests/mealie/external-secret.yaml

---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
  name: mealie-oidc
  namespace: mealie
spec:
  refreshInterval: 1h
  secretStoreRef:
    kind: ClusterSecretStore
    name: onepassword-blumeops
  target:
    name: mealie-oidc
    creationPolicy: Owner
  data:
    - secretKey: client-secret
      remoteRef:
        key: "Authentik (blumeops)"
        property: mealie-client-secret