KubeArchive: encode password for rh03 (#7361)

Signed-off-by: Hector Martinez <[email protected]>

Author: rh-hemartin

components/kubearchive/production/kflux-prd-rh03/database-secret.yaml

@@ -0,0 +1,28 @@
+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: database-secret
+  annotations:
+    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+    argocd.argoproj.io/sync-wave: "-1"
+spec:
+  dataFrom:
+    - extract:
+        key: production/platform/terraform/generated/kflux-prd-rh03/kubearchive-database
+  refreshInterval: 1h
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: appsre-stonesoup-vault
+  target:
+    creationPolicy: Owner
+    deletionPolicy: Delete
+    name: kubearchive-database-credentials
+    template:
+      data:
+        DATABASE_KIND: postgresql
+        DATABASE_PORT: "5432"
+        DATABASE_URL: '{{ index . "db.host" }}'
+        DATABASE_PASSWORD: '{{ index . "db.password" | urlquery }}'
+        DATABASE_USER: '{{ index . "db.user" }}'
+        DATABASE_DB: '{{ index . "db.name" }}'

components/kubearchive/production/kflux-prd-rh03/kustomization.yaml

@@ -3,7 +3,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
   - ../../base
-  - ../base
+  - database-secret.yaml
   - https://github.com/kubearchive/kubearchive/releases/download/v1.2.0/kubearchive.yaml?timeout=90
 
 namespace: product-kubearchive
@@ -30,17 +30,6 @@ patches:
       metadata:
         name: kubearchive-database-credentials
         namespace: kubearchive
-  - patch: |-
-      apiVersion: external-secrets.io/v1beta1
-      kind: ExternalSecret
-      metadata:
-        name: database-secret
-      spec:
-        secretStoreRef:
-          name: appsre-stonesoup-vault
-        dataFrom:
-          - extract:
-              key: production/platform/terraform/generated/kflux-prd-rh03/kubearchive-database
   # These patches add an annotation so an OpenShift service
   # creates the TLS secrets instead of Cert Manager
   - patch: |-