titan-iac/services/jitsi/secretproviderclass.yaml

# services/jitsi/secretproviderclass.yaml
apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
  name: jitsi-jwt
  namespace: jitsi
spec:
  provider: vault
  parameters:
    vaultAddress: "http://vault.vault.svc.cluster.local:8200"
    roleName: jitsi-jwt
    objects: |
      - objectName: "jwt"
        secretPath: "kv/data/jitsi/jwt-hs256"
        secretKey: "app_secret"
  secretObjects:
    - secretName: jitsi-jwt
      type: Opaque
      data:
        - objectName: "jwt"
          key: app_secret