fix: remove sensitive data from secret manifest, prevent ArgoCD from overwriting encryption key

2026-04-14 19:09:41 +00:00
parent 13680d4811
commit 618b1e8d11
1 changed files with 6 additions and 7 deletions
@@ -1,13 +1,12 @@
 apiVersion: v1
-data:
-  encryption-key: REDACTED
 kind: Secret
 metadata:
-  annotations:
-    kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"v1","kind":"Secret","metadata":{"annotations":{},"name":"n8n-secret","namespace":"n8n"},"stringData":{"encryption-key":"Oc6e4mfCNU69FhJBU2blco3rz1doRyYl"},"type":"Opaque"}
-
-      '
  name: n8n-secret
  namespace: n8n
+  annotations:
+    argocd.argoproj.io/sync-options: "Prune=false"
+    # data managed manually — do NOT store the real value here
+    # create/update with: kubectl create secret generic n8n-secret \
+    #   --from-literal=encryption-key='<value-from-vaultwarden>' \
+    #   -n n8n --dry-run=client -o yaml | kubectl apply -f -
 type: Opaque
-