# If not using IRSA, set the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables # Store these values in a Secret and load them in the container using envFrom. # For managing this secret via GitOps, consider using SOPS or SealedSecrets and add that manifest in a resource file for this kustomize build. # https://fluxcd.io/docs/guides/mozilla-sops/ # https://fluxcd.io/docs/guides/sealed-secrets/ --- apiVersion: batch/v1beta1 kind: CronJob metadata: name: credentials-sync namespace: flux-system spec: jobTemplate: spec: template: spec: containers: - name: sync envFrom: - secretRef: name: $(ECR_SECRET_NAME) # uncomment the var for this in kustomization.yaml