titan-iac/services/jitsi/secretproviderclass.yaml

# services/jitsi/secretproviderclass.yaml
apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
  name: jitsi-jwt
  namespace: jitsi
spec:
  provider: vault
  parameters:
    vaultAddress: "http://vault.vault.svc.cluster.local:8200"
    roleName: jitsi-jwt
    objects: |
      - objectName: "jwt"
        secretPath: "kv/data/jitsi/jwt-hs256"
        secretKey: "app_secret"
  secretObjects:
    - secretName: jitsi-jwt
      type: Opaque
      data:
        - objectName: "jwt"
          key: app_secret
jitsi: use vault jwt via csi 2025-12-25 03:15:06 -03:00			`# services/jitsi/secretproviderclass.yaml`
			`apiVersion: secrets-store.csi.x-k8s.io/v1`
			`kind: SecretProviderClass`
			`metadata:`
			`name: jitsi-jwt`
			`namespace: jitsi`
			`spec:`
			`provider: vault`
			`parameters:`
			`vaultAddress: "http://vault.vault.svc.cluster.local:8200"`
			`roleName: jitsi-jwt`
			`objects: \|`
			`- objectName: "jwt"`
			`secretPath: "kv/data/jitsi/jwt-hs256"`
			`secretKey: "app_secret"`
			`secretObjects:`
			`- secretName: jitsi-jwt`
			`type: Opaque`
			`data:`
			`- objectName: "jwt"`
			`key: app_secret`