titan-iac/infrastructure/postgres/secretproviderclass.yaml

# infrastructure/postgres/secretproviderclass.yaml
apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
  name: postgres-vault
  namespace: postgres
spec:
  provider: vault
  parameters:
    vaultAddress: "http://vault.vault.svc.cluster.local:8200"
    roleName: "postgres"
    objects: |
      - objectName: "postgres_password"
        secretPath: "kv/data/atlas/postgres/postgres-db"
        secretKey: "POSTGRES_PASSWORD"
platform: move postgres to infrastructure 2026-01-13 17:53:04 -03:00			`# infrastructure/postgres/secretproviderclass.yaml`
postgres: add flux + vault csi 2026-01-13 12:35:59 -03:00			`apiVersion: secrets-store.csi.x-k8s.io/v1`
			`kind: SecretProviderClass`
			`metadata:`
			`name: postgres-vault`
			`namespace: postgres`
			`spec:`
			`provider: vault`
			`parameters:`
			`vaultAddress: "http://vault.vault.svc.cluster.local:8200"`
			`roleName: "postgres"`
			`objects: \|`
			`- objectName: "postgres_password"`
platform: add cert-manager and align postgres vault path 2026-01-16 11:14:48 -03:00			`secretPath: "kv/data/atlas/postgres/postgres-db"`
postgres: add flux + vault csi 2026-01-13 12:35:59 -03:00			`secretKey: "POSTGRES_PASSWORD"`