I'm trying to configure a PushSecret to push a cert-manager tls cert secret to Hashicorp Vault.
This is my PushSecret manifest
---
apiVersion: external-secrets.io/v1alpha1
kind: PushSecret
metadata:
name: example-pushsecret # Customisable
namespace: example # Same of the SecretStores
spec:
deletionPolicy: Delete # the provider' secret will be deleted if the PushSecret is deleted
refreshInterval: 10s # Refresh interval for which push secret will reconcile
secretStoreRefs: # A list of secret stores to push secrets to
- name: secretstore-example
kind: SecretStore
selector:
secret:
name: example-client-cert-streaming # Source Kubernetes secret to be pushed
data:
- match:
remoteRef:
remoteKey: /example/example-client-cert-streaming # Remote reference (where the secret is going to be pushed)
I'm getting the following error:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning Errored 52s (x9 over 29m) pushsecret set secret failed: could not write remote ref to target secretstore secretstore-example: error unmarshalling vault secret: unexpected end of JSON input
I'm not sure I understand why it is trying to unmarshall the vault secret. Am I doing something wrong here?