33 lines
1.0 KiB
YAML
33 lines
1.0 KiB
YAML
# Runtime secret placeholder for the self-hosted Apple MDM substrate.
|
|
#
|
|
# OnePasswordItem operator syncs this item into a Kubernetes Secret with the
|
|
# same name. Expected fields for MDM-N1:
|
|
# NANOHUB_API_KEY
|
|
#
|
|
# Optional fields for later lanes:
|
|
# NANOHUB_WEBHOOK_URL
|
|
# APNS_MDM_CERT_PEM
|
|
# APNS_MDM_KEY_PEM
|
|
# APNS_MDM_TOPIC
|
|
# SCEP_CA_CERT_PEM
|
|
# SCEP_CA_KEY_PEM
|
|
# PROFILE_SIGNING_CERT_PEM
|
|
# PROFILE_SIGNING_KEY_PEM
|
|
#
|
|
# Do not commit APNs, SCEP, profile-signing, webhook, or API key material to
|
|
# Git. MDM-N1 only consumes NANOHUB_API_KEY and optional NANOHUB_WEBHOOK_URL.
|
|
apiVersion: onepassword.com/v1
|
|
kind: OnePasswordItem
|
|
metadata:
|
|
name: fc-apple-mdm-runtime
|
|
namespace: fc-apple-mdm
|
|
labels:
|
|
app.kubernetes.io/name: fc-apple-mdm
|
|
app.kubernetes.io/component: secrets
|
|
app.kubernetes.io/part-of: flowercore
|
|
app.kubernetes.io/managed-by: argocd
|
|
flowercore.io/tenant-id: system
|
|
flowercore.io/created-by: bluejay-infra
|
|
spec:
|
|
itemPath: "vaults/IAmWorkin/items/FlowerCore Apple MDM Runtime"
|