bstein/titan-iac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

quality(sonarqube): inject exporter token from vault

Browse Source
This commit is contained in:
Brad Stein 2026-04-19 16:34:27 -03:00
parent 29138b8a51
commit 65edbd9ed9
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
services/quality/sonarqube-exporter-deployment.yaml
View File

@ -16,10 +16,18 @@ spec:
labels: labels:
app: sonarqube-exporter app: sonarqube-exporter
annotations: annotations:
vault.hashicorp.com/agent-inject: "true"
vault.hashicorp.com/role: "quality"
vault.hashicorp.com/agent-inject-secret-sonarqube-exporter-env.sh: "kv/data/atlas/quality/sonarqube-exporter"
vault.hashicorp.com/agent-inject-template-sonarqube-exporter-env.sh: |
{{- with secret "kv/data/atlas/quality/sonarqube-exporter" -}}
export SONARQUBE_TOKEN="{{ .Data.data.token }}"
{{- end -}}
prometheus.io/scrape: "true" prometheus.io/scrape: "true"
prometheus.io/port: "9798" prometheus.io/port: "9798"
prometheus.io/path: /metrics prometheus.io/path: /metrics
spec: spec:
serviceAccountName: quality-vault-sync
nodeSelector: nodeSelector:
node-role.kubernetes.io/worker: "true" node-role.kubernetes.io/worker: "true"
affinity: affinity:
@ -49,6 +57,9 @@ spec:
- -ec - -ec
args: args:
- | - |
if [ -f /vault/secrets/sonarqube-exporter-env.sh ]; then
. /vault/secrets/sonarqube-exporter-env.sh
fi
cp /config/exporter.py /app/exporter.py cp /config/exporter.py /app/exporter.py
python /app/exporter.py python /app/exporter.py
env: env: