apiVersion: secrets.infisical.com/v1alpha1
kind: InfisicalSecret
metadata:
  name: secrets
  namespace: infisical
  labels:
    label-to-be-passed-to-managed-secret: homelab
  annotations:
    example.com/annotation-to-be-passed-to-managed-secret: "homelab"
spec:
  hostAPI: https://app.infisical.com/api
  resyncInterval: 10
  authentication:
    # Universal Auth
    universalAuth:
      secretsScope:
        projectSlug: homelab-n-f-yj
        envSlug: prod
        secretsPath: "/apps/appname" # Root is "/"
        recursive: false # Whether or not to use recursive mode (Fetches all secrets in an environment from a given secret path, and all folders inside the path) / defaults to false
      credentialsRef:
        secretName: universal-auth-credentials
        secretNamespace: infisical
  managedSecretReference:
    secretName: app-secrets
    secretNamespace: ns
    creationPolicy: "Orphan" ## Owner | Orphan