bstein/titan-iac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
titan-iac/services/maintenance/secretproviderclass.yaml

40 lines
1.4 KiB
YAML
Raw Blame History

# services/maintenance/secretproviderclass.yaml
apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
name: maintenance-vault
namespace: maintenance
spec:
provider: vault
parameters:
vaultAddress: "http://vault.vault.svc.cluster.local:8200"
roleName: "maintenance"
objects: |
- objectName: "harbor-pull__dockerconfigjson"
secretPath: "kv/data/atlas/shared/harbor-pull"
secretKey: "dockerconfigjson"
- objectName: "soteria_restic__AWS_ACCESS_KEY_ID"
secretPath: "kv/data/atlas/maintenance/soteria-restic"
secretKey: "AWS_ACCESS_KEY_ID"
- objectName: "soteria_restic__AWS_SECRET_ACCESS_KEY"
secretPath: "kv/data/atlas/maintenance/soteria-restic"
secretKey: "AWS_SECRET_ACCESS_KEY"
- objectName: "soteria_restic__RESTIC_PASSWORD"
secretPath: "kv/data/atlas/maintenance/soteria-restic"
secretKey: "RESTIC_PASSWORD"
secretObjects:
- secretName: harbor-regcred
type: kubernetes.io/dockerconfigjson
data:
- objectName: harbor-pull__dockerconfigjson
key: .dockerconfigjson
- secretName: soteria-restic
type: Opaque
data:
- objectName: soteria_restic__AWS_ACCESS_KEY_ID
key: AWS_ACCESS_KEY_ID
- objectName: soteria_restic__AWS_SECRET_ACCESS_KEY
key: AWS_SECRET_ACCESS_KEY
- objectName: soteria_restic__RESTIC_PASSWORD
key: RESTIC_PASSWORD
Reference in New Issue View Git Blame Copy Permalink