yay more env stuff

This commit is contained in:
2026-05-15 00:32:26 +02:00
parent 2ee5a9f012
commit 3b3ea92c8d
3 changed files with 21 additions and 2 deletions

View File

@@ -0,0 +1,19 @@
apiVersion: secrets.hashicorp.com/v1beta1
kind: HCPDynamicSecret
metadata:
name: taskarr-db-app-user
spec:
mount: database
path: creds/taskarr-role
method: GET
destination:
name: taskarr-db-url
create: true
# This is where the magic happens
transformation:
templates:
DATABASE_URL:
# Use Go template syntax to build the string
# 'username' and 'password' come from the Vault response
content: "postgresql://{{ .username }}:{{ .password }}@postgres-service.taskarr.svc.cluster.local:5432/taskarr_db?sslmode=disable"
refreshAfter: 1h

View File

@@ -48,7 +48,7 @@ spec:
- name: DATABASE_URL - name: DATABASE_URL
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: taskarr-app name: taskarr-db-url
key: DATABASE_URL key: DATABASE_URL
- name: ORIGIN - name: ORIGIN
valueFrom: valueFrom:

View File

@@ -13,4 +13,4 @@ resources:
- ./postgres.yaml - ./postgres.yaml
- ./database-secret.yaml - ./database-secret.yaml
- ./app-secret.yaml - ./app-secret.yaml
- ./expose.yaml - ./db-taskarr-user.yaml