blumeops/argocd/apps/1password-connect.yaml

# 1Password Connect - Secrets Automation Server
# Provides REST API access to 1Password vault items for External Secrets Operator
#
# Chart mirrored from https://github.com/1Password/connect-helm-charts
#
# Prerequisites (one-time setup):
# 1. Create Connect server: op connect server create blumeops --vaults blumeops
# 2. Create token: op connect token create blumeops --server <server-id> --vault blumeops
# 3. Store credentials in 1Password item "1Password Connect" in blumeops vault
# 4. Bootstrap secret:
#    kubectl --context=minikube-indri create namespace 1password
#    op inject -i argocd/manifests/1password-connect/secret-credentials.yaml.tpl | \
#      kubectl --context=minikube-indri apply -f -
#
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: 1password-connect
  namespace: argocd
spec:
  project: default
  sources:
    - repoURL: ssh://forgejo@forge.ops.eblu.me:2222/eblume/connect-helm-charts.git
      targetRevision: connect-2.3.0
      path: charts/connect
      helm:
        releaseName: onepassword-connect
        valueFiles:
          - $values/argocd/manifests/1password-connect/values.yaml
    - repoURL: ssh://forgejo@forge.ops.eblu.me:2222/eblume/blumeops.git
      targetRevision: main
      ref: values
  destination:
    server: https://kubernetes.default.svc
    namespace: 1password
  syncPolicy:
    syncOptions:
      - CreateNamespace=true