---
apiVersion: onepassword.com/v1
kind: OnePasswordItem
metadata:
  name: cloudflare-api-key
  namespace: external-dns-system
spec:
  itemPath: "vaults/cluster/items/cloudflare-token"
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
  name: external-dns-repo
  namespace: external-dns-system
spec:
  interval: 15m0s
  url: https://kubernetes-sigs.github.io/external-dns/
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: external-dns
  namespace: external-dns-system
spec:
  chart:
    spec:
      chart: external-dns
      reconcileStrategy: ChartVersion
      sourceRef:
        kind: HelmRepository
        name: external-dns-repo
      version: 1.15.0
  interval: 1m
  timeout: 5m
  values:
    provider:
      name: cloudflare
    env:
      - name: CF_API_TOKEN
        valueFrom:
          secretKeyRef:
            name: cloudflare-token
            key: password