Add External Secrets Operator to an OPF cluster

Add External Secrets Operator to an OPF cluster#

Pre-requisites:#

No pre-requisites, anyone can make this PR, additional ArgoCD access may be required to verify Argocd Apps are successfully synced, and resources are applied.

Deploy the operator:#

Add the ESO bundle to the cluster-scope/overlay/prod/$ENV/$CLUSTER/kustomization.yaml.

The OLM operator is a helm chart deployer, and lives in the openshift-operators namespace. We use this operator to deploy the actual operator via an OperatorConfig resource, which essentially allows us to specify the helm chart values via an OCP resource. The bundle above creates the namespace where this resource will live. We deploy this resource separately via an argocd app.

Add OperatorConfig resource#

Note: For details on this resource see OLM page for ESO here

Add your OperatorConfig to the target cluster’s overlay found at the root of the operate-first/apps repo here: operate-first/apps/external-secrets/overlays/$ENV/$CLUSTER. If you prefer the default config, feel free to just leverage the one in base directory.

Add the ArgoCD app#

Follow the instructions here to add your ArgoCD app. In general we recommend adding it to the cluster-managerment ArgoCD Project.

Commit your changes and create a PR.