73 lines
2.5 KiB
YAML
73 lines
2.5 KiB
YAML
# services/jenkins/secretproviderclass.yaml
|
|
apiVersion: secrets-store.csi.x-k8s.io/v1
|
|
kind: SecretProviderClass
|
|
metadata:
|
|
name: jenkins-vault
|
|
namespace: jenkins
|
|
spec:
|
|
provider: vault
|
|
parameters:
|
|
vaultAddress: "http://vault.vault.svc.cluster.local:8200"
|
|
roleName: "jenkins"
|
|
objects: |
|
|
- objectName: "jenkins-oidc__clientId"
|
|
secretPath: "kv/data/atlas/jenkins/jenkins-oidc"
|
|
secretKey: "clientId"
|
|
- objectName: "jenkins-oidc__clientSecret"
|
|
secretPath: "kv/data/atlas/jenkins/jenkins-oidc"
|
|
secretKey: "clientSecret"
|
|
- objectName: "jenkins-oidc__authorizationUrl"
|
|
secretPath: "kv/data/atlas/jenkins/jenkins-oidc"
|
|
secretKey: "authorizationUrl"
|
|
- objectName: "jenkins-oidc__tokenUrl"
|
|
secretPath: "kv/data/atlas/jenkins/jenkins-oidc"
|
|
secretKey: "tokenUrl"
|
|
- objectName: "jenkins-oidc__userInfoUrl"
|
|
secretPath: "kv/data/atlas/jenkins/jenkins-oidc"
|
|
secretKey: "userInfoUrl"
|
|
- objectName: "jenkins-oidc__logoutUrl"
|
|
secretPath: "kv/data/atlas/jenkins/jenkins-oidc"
|
|
secretKey: "logoutUrl"
|
|
- objectName: "harbor-robot-creds__username"
|
|
secretPath: "kv/data/atlas/jenkins/harbor-robot-creds"
|
|
secretKey: "username"
|
|
- objectName: "harbor-robot-creds__password"
|
|
secretPath: "kv/data/atlas/jenkins/harbor-robot-creds"
|
|
secretKey: "password"
|
|
- objectName: "gitea-pat__username"
|
|
secretPath: "kv/data/atlas/jenkins/gitea-pat"
|
|
secretKey: "username"
|
|
- objectName: "gitea-pat__token"
|
|
secretPath: "kv/data/atlas/jenkins/gitea-pat"
|
|
secretKey: "token"
|
|
secretObjects:
|
|
- secretName: jenkins-oidc
|
|
type: Opaque
|
|
data:
|
|
- objectName: jenkins-oidc__clientId
|
|
key: clientId
|
|
- objectName: jenkins-oidc__clientSecret
|
|
key: clientSecret
|
|
- objectName: jenkins-oidc__authorizationUrl
|
|
key: authorizationUrl
|
|
- objectName: jenkins-oidc__tokenUrl
|
|
key: tokenUrl
|
|
- objectName: jenkins-oidc__userInfoUrl
|
|
key: userInfoUrl
|
|
- objectName: jenkins-oidc__logoutUrl
|
|
key: logoutUrl
|
|
- secretName: harbor-robot-creds
|
|
type: Opaque
|
|
data:
|
|
- objectName: harbor-robot-creds__username
|
|
key: username
|
|
- objectName: harbor-robot-creds__password
|
|
key: password
|
|
- secretName: gitea-pat
|
|
type: Opaque
|
|
data:
|
|
- objectName: gitea-pat__username
|
|
key: username
|
|
- objectName: gitea-pat__token
|
|
key: token
|