add vault VSO
This commit is contained in:
@@ -3,3 +3,5 @@ namespace: kube-system
|
||||
resources:
|
||||
- ./vault.yaml
|
||||
- ./vaultChartConfig.yaml
|
||||
- ./secretOperatorConfig.yaml
|
||||
- ./secretsOperator.yaml
|
||||
|
||||
40
manifests/kube-system/secretOperatorConfig.yaml
Normal file
40
manifests/kube-system/secretOperatorConfig.yaml
Normal file
@@ -0,0 +1,40 @@
|
||||
apiVersion: helm.cattle.io/v1
|
||||
kind: HelmChartConfig
|
||||
metadata:
|
||||
name: vault-secrets-operator
|
||||
spec:
|
||||
valuesContent: |-
|
||||
defaultVaultConnection:
|
||||
# toggles the deployment of the VaultAuthMethod CR
|
||||
# @type: boolean
|
||||
enabled: true
|
||||
|
||||
# Address of the Vault Server
|
||||
# @type: string
|
||||
# Example: http://vault.kube-system.svc.cluster.local:8200
|
||||
address: "http://vault.kube-system.svc.cluster.local:8200"
|
||||
|
||||
# SkipTLSVerify for TLS connections.
|
||||
# @type: boolean
|
||||
skipTLSVerify: true
|
||||
|
||||
defaultAuthMethod:
|
||||
enabled: true
|
||||
|
||||
# Kubernetes namespace glob patterns which are allow-listed for use with the default AuthMethod.
|
||||
# @type: array<string>
|
||||
allowedNamespaces:
|
||||
- "*"
|
||||
|
||||
method: kubernetes
|
||||
|
||||
mount: kubernetes
|
||||
|
||||
kubernetes:
|
||||
# Vault Auth Role to use
|
||||
# This is a required field and must be setup in Vault prior to deploying the helm chart
|
||||
# if `defaultAuthMethod.enabled=true`
|
||||
# @type: string
|
||||
role: "taskarr-role"
|
||||
|
||||
serviceAccount: default
|
||||
11
manifests/kube-system/secretsOperator.yaml
Normal file
11
manifests/kube-system/secretsOperator.yaml
Normal file
@@ -0,0 +1,11 @@
|
||||
apiVersion: helm.cattle.io/v1
|
||||
kind: HelmChart
|
||||
metadata:
|
||||
name: vault-secrets-operator
|
||||
spec:
|
||||
repo: https://helm.releases.hashicorp.com
|
||||
chart: vault-secrets-operator
|
||||
targetNamespace: kube-system
|
||||
version: 1.4.0
|
||||
valuesContent: |-
|
||||
|
||||
Reference in New Issue
Block a user