titan-iac/services/postgres/secretproviderclass.yaml

# services/postgres/secretproviderclass.yaml
apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
  name: postgres-vault
  namespace: postgres
spec:
  provider: vault
  parameters:
    vaultAddress: "http://vault.vault.svc.cluster.local:8200"
    roleName: "postgres"
    objects: |
      - objectName: "postgres_password"
        secretPath: "kv/data/postgres"
        secretKey: "POSTGRES_PASSWORD"
postgres: add flux + vault csi 2026-01-13 12:35:59 -03:00			`# services/postgres/secretproviderclass.yaml`
			`apiVersion: secrets-store.csi.x-k8s.io/v1`
			`kind: SecretProviderClass`
			`metadata:`
			`name: postgres-vault`
			`namespace: postgres`
			`spec:`
			`provider: vault`
			`parameters:`
			`vaultAddress: "http://vault.vault.svc.cluster.local:8200"`
			`roleName: "postgres"`
			`objects: \|`
			`- objectName: "postgres_password"`
			`secretPath: "kv/data/postgres"`
			`secretKey: "POSTGRES_PASSWORD"`