From fd61f967d3db6e6eae72283501973048f8e330e9 Mon Sep 17 00:00:00 2001 From: Vasu Nayak Date: Fri, 24 Oct 2025 11:39:14 +0000 Subject: [PATCH 1/6] changed proposed items --- content/tutorials/esc-external-secret-operator/index.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/content/tutorials/esc-external-secret-operator/index.md b/content/tutorials/esc-external-secret-operator/index.md index a026de6fc157..f0b2aee89102 100644 --- a/content/tutorials/esc-external-secret-operator/index.md +++ b/content/tutorials/esc-external-secret-operator/index.md @@ -44,6 +44,8 @@ helm repo update helm upgrade --install external-secrets external-secrets/external-secrets \ --namespace external-secrets \ + --set installCRDs=true \ + --version 0.10.4 \ --create-namespace \ --wait ``` From 43c2f1b96d635414568aefc06a225ac3af09f7d5 Mon Sep 17 00:00:00 2001 From: Vasu Nayak Date: Mon, 27 Oct 2025 13:37:52 +0000 Subject: [PATCH 2/6] updated comments --- .../esc-external-secret-operator/index.md | 39 ++++++++++--------- 1 file changed, 21 insertions(+), 18 deletions(-) diff --git a/content/tutorials/esc-external-secret-operator/index.md b/content/tutorials/esc-external-secret-operator/index.md index f0b2aee89102..2ed9ade6c250 100644 --- a/content/tutorials/esc-external-secret-operator/index.md +++ b/content/tutorials/esc-external-secret-operator/index.md @@ -39,42 +39,44 @@ prereqs: #### Install from Helm Chart Repository ```bash +# add ESO Operator Chart repo into helm helm repo add external-secrets https://charts.external-secrets.io helm repo update +# installs latest ESO Operator Chart, creates also namespace helm upgrade --install external-secrets external-secrets/external-secrets \ - --namespace external-secrets \ - --set installCRDs=true \ - --version 0.10.4 \ - --create-namespace \ - --wait + --namespace external-secrets \ + --create-namespace \ + --wait ``` #### Create secret containing Pulumi access token ```bash +# create a local k8s secret to store(PAT), to allow accessing Pulumi Cloud Resources kubectl create secret generic pulumi-access-token --from-literal=PULUMI_ACCESS_TOKEN=${PULUMI_ACCESS_TOKEN} \ --namespace external-secrets ``` #### Create ClusterSecretStore -Now you can create a [ClusterSecretStore](https://external-secrets.io/main/api/clustersecretstore/) resource that will tell External Secrets Operator to use Pulumi ESC as a secret provider. +You can create a [ClusterSecretStore](https://external-secrets.io/main/api/clustersecretstore/) resource that will tell External Secrets Operator to use Pulumi ESC as a secret provider. If you want to limit the access by namespace, you can create a [SecretStore](https://external-secrets.io/main/api/secretstore/) resource instead, which is scoped to a single namespace. ```yaml cat < Date: Mon, 27 Oct 2025 16:35:59 +0000 Subject: [PATCH 3/6] changes as per review comments --- .../tutorials/esc-external-secret-operator/index.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/content/tutorials/esc-external-secret-operator/index.md b/content/tutorials/esc-external-secret-operator/index.md index 2ed9ade6c250..6e8f882ab432 100644 --- a/content/tutorials/esc-external-secret-operator/index.md +++ b/content/tutorials/esc-external-secret-operator/index.md @@ -60,9 +60,9 @@ kubectl create secret generic pulumi-access-token --from-literal=PULUMI_ACCESS_T #### Create ClusterSecretStore -You can create a [ClusterSecretStore](https://external-secrets.io/main/api/clustersecretstore/) resource that will tell External Secrets Operator to use Pulumi ESC as a secret provider. +You can create a [SecretStore](https://external-secrets.io/main/api/secretstore/) resource to notify External Secrets Operator to use Pulumi ESC as a secret provider for a specific namespace. -If you want to limit the access by namespace, you can create a [SecretStore](https://external-secrets.io/main/api/secretstore/) resource instead, which is scoped to a single namespace. +However if you want to expand the scope to entire cluster, you can use a [ClusterSecretStore](https://external-secrets.io/main/api/clustersecretstore/) resource, instead. ```yaml cat < Date: Mon, 27 Oct 2025 16:38:36 +0000 Subject: [PATCH 4/6] fixed review comments --- content/tutorials/esc-external-secret-operator/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/tutorials/esc-external-secret-operator/index.md b/content/tutorials/esc-external-secret-operator/index.md index 6e8f882ab432..c8588f20946f 100644 --- a/content/tutorials/esc-external-secret-operator/index.md +++ b/content/tutorials/esc-external-secret-operator/index.md @@ -60,7 +60,7 @@ kubectl create secret generic pulumi-access-token --from-literal=PULUMI_ACCESS_T #### Create ClusterSecretStore -You can create a [SecretStore](https://external-secrets.io/main/api/secretstore/) resource to notify External Secrets Operator to use Pulumi ESC as a secret provider for a specific namespace. +You can create a [SecretStore](https://external-secrets.io/main/api/secretstore/) resource to notify External Secrets Operator to use Pulumi ESC as a secret provider for a specific namespace. However if you want to expand the scope to entire cluster, you can use a [ClusterSecretStore](https://external-secrets.io/main/api/clustersecretstore/) resource, instead. From 9194a21786639ff2e41265bd541792242e94c4fe Mon Sep 17 00:00:00 2001 From: Vasu Nayak Date: Tue, 28 Oct 2025 11:02:31 +0000 Subject: [PATCH 5/6] apply grammar fixes --- content/tutorials/esc-external-secret-operator/index.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/content/tutorials/esc-external-secret-operator/index.md b/content/tutorials/esc-external-secret-operator/index.md index c8588f20946f..5a2c8fe73bd4 100644 --- a/content/tutorials/esc-external-secret-operator/index.md +++ b/content/tutorials/esc-external-secret-operator/index.md @@ -60,9 +60,9 @@ kubectl create secret generic pulumi-access-token --from-literal=PULUMI_ACCESS_T #### Create ClusterSecretStore -You can create a [SecretStore](https://external-secrets.io/main/api/secretstore/) resource to notify External Secrets Operator to use Pulumi ESC as a secret provider for a specific namespace. +You can create a [SecretStore](https://external-secrets.io/main/api/secretstore/) resource to notify the External Secrets Operator to use Pulumi ESC as a secret provider for a specific namespace. -However if you want to expand the scope to entire cluster, you can use a [ClusterSecretStore](https://external-secrets.io/main/api/clustersecretstore/) resource, instead. +However, if you want to expand the scope to entire cluster, you can use a [ClusterSecretStore](https://external-secrets.io/main/api/clustersecretstore/) resource instead. ```yaml cat < Date: Tue, 28 Oct 2025 11:33:48 +0000 Subject: [PATCH 6/6] added an article --- content/tutorials/esc-external-secret-operator/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/tutorials/esc-external-secret-operator/index.md b/content/tutorials/esc-external-secret-operator/index.md index 5a2c8fe73bd4..a7b1e53c2ec9 100644 --- a/content/tutorials/esc-external-secret-operator/index.md +++ b/content/tutorials/esc-external-secret-operator/index.md @@ -62,7 +62,7 @@ kubectl create secret generic pulumi-access-token --from-literal=PULUMI_ACCESS_T You can create a [SecretStore](https://external-secrets.io/main/api/secretstore/) resource to notify the External Secrets Operator to use Pulumi ESC as a secret provider for a specific namespace. -However, if you want to expand the scope to entire cluster, you can use a [ClusterSecretStore](https://external-secrets.io/main/api/clustersecretstore/) resource instead. +However, if you want to expand the scope to an entire cluster you can use a [ClusterSecretStore](https://external-secrets.io/main/api/clustersecretstore/) resource instead. ```yaml cat <