maintenance(metis): inject harbor creds into service runtime

2026-04-19 20:52:04 -03:00 · 2026-04-19 20:52:04 -03:00 · 376e68ec31
commit 376e68ec31
parent 7497f8d4e0
1 changed files with 6 additions and 0 deletions
--- a/services/maintenance/metis-deployment.yaml
+++ b/services/maintenance/metis-deployment.yaml
@ -27,6 +27,11 @@ spec:
          {{ with secret "kv/data/atlas/maintenance/metis-runtime" }}
          export METIS_K3S_TOKEN="{{ .Data.data.k3s_token }}"
          {{ end }}
+        vault.hashicorp.com/agent-inject-secret-metis-harbor-env.sh: "kv/data/atlas/harbor/harbor-core"
+        vault.hashicorp.com/agent-inject-template-metis-harbor-env.sh: |
+          {{ with secret "kv/data/atlas/harbor/harbor-core" }}
+          export METIS_HARBOR_PASSWORD="{{ .Data.data.harbor_admin_password }}"
+          {{ end }}
        vault.hashicorp.com/agent-inject-secret-metis-ssh-env.sh: "kv/data/atlas/maintenance/metis-ssh-keys"
        vault.hashicorp.com/agent-inject-template-metis-ssh-env.sh: |
          {{ with secret "kv/data/atlas/maintenance/metis-ssh-keys" }}
@ -49,6 +54,7 @@ spec:
          args:
            - >-
              . /vault/secrets/metis-runtime-env.sh
+              && . /vault/secrets/metis-harbor-env.sh
              && . /vault/secrets/metis-ssh-env.sh
              && exec metis serve
          envFrom: